routerlogin.mobi Open in urlscan Pro
2606:4700:3037::ac43:cd0f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://routerlogin.mobi/
Submission: On February 05 via automatic, source certstream-suspicious (February 5th 2022, 6:51:24 am UTC) — Scanned from DE

Summary HTTP 128 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 46 IPs in 6 countries across 59 domains to perform 128 HTTP transactions. The main IP is 2606:4700:3037::ac43:cd0f, located in United States and belongs to CLOUDFLARENET, US. The main domain is routerlogin.mobi.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time routerlogin.mobi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	2606:4700:303... 2606:4700:3037::ac43:cd0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3031::6815:496e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:e000:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
3	94.31.29.32 94.31.29.32	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
9	63.32.247.12 63.32.247.12	16509 (AMAZON-02) (AMAZON-02)
4 5	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 17	34.248.122.81 34.248.122.81	16509 (AMAZON-02) (AMAZON-02)
2	67.202.105.21 67.202.105.21	() ()
2	185.86.139.94 185.86.139.94	() ()
2 6	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
7 7	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
9 10	35.71.131.137 35.71.131.137	() ()
3 3	213.19.147.45 213.19.147.45	() ()
6	185.86.139.113 185.86.139.113	() ()
1	34.226.144.114 34.226.144.114	() ()
1 1	193.0.160.128 193.0.160.128	() ()
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	147.75.61.140 147.75.61.140	() ()
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
6 8	142.250.181.226 142.250.181.226	() ()
1 2	52.46.154.242 52.46.154.242	() ()
1	72.251.241.206 72.251.241.206	() ()
2 2	35.156.135.60 35.156.135.60	() ()
2 2	135.125.160.77 135.125.160.77	() ()
1	141.226.228.48 141.226.228.48	() ()
1 1	37.252.173.27 37.252.173.27	() ()
3 3	3.121.12.72 3.121.12.72	() ()
2 2	35.210.53.219 35.210.53.219	() ()
3 4	64.202.112.191 64.202.112.191	() ()
2 2	35.244.159.8 35.244.159.8	() ()
1 1	34.237.23.137 34.237.23.137	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3602:1794:1826:a9e8:a8ca	() ()
1 1	52.203.60.58 52.203.60.58	() ()
1	193.122.128.135 193.122.128.135	() ()
1	38.91.45.7 38.91.45.7	() ()
2 2	64.74.236.63 64.74.236.63	() ()
1 1	104.89.42.102 104.89.42.102	() ()
2 2	54.76.84.232 54.76.84.232	() ()
1 1	198.148.27.139 198.148.27.139	() ()
3 3	185.29.134.244 185.29.134.244	() ()
2 2	151.101.66.49 151.101.66.49	() ()
2	2.18.233.180 2.18.233.180	() ()
1 1	23.37.42.132 23.37.42.132	() ()
2	104.89.20.125 104.89.20.125	() ()
1	18.195.155.181 18.195.155.181	() ()
1 1	202.241.208.57 202.241.208.57	() ()
2 2	185.184.8.65 185.184.8.65	() ()
3 4	37.157.6.251 37.157.6.251	() ()
1 1	185.183.112.148 185.183.112.148	() ()
2 2	52.31.13.93 52.31.13.93	() ()
1	198.47.127.19 198.47.127.19	() ()
2 2	213.155.156.169 213.155.156.169	() ()
8	185.64.189.110 185.64.189.110	() ()
1	178.250.2.151 178.250.2.151	() ()
1 1	85.114.159.93 85.114.159.93	() ()
1	185.64.190.81 185.64.190.81	() ()
1 1	51.222.80.231 51.222.80.231	() ()
1 2	2606:4700:10:... 2606:4700:10::ac43:db6	() ()
1	169.50.137.184 169.50.137.184	() ()
1	69.173.144.139 69.173.144.139	() ()
1	69.173.144.138 69.173.144.138	() ()
128	46

30 2606:4700:3037::ac43:cd0f (United States)

ASN13335 (CLOUDFLARENET, US)

routerlogin.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::6815:496e (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gvl.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:e000:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.31.29.32 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

g.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 63.32.247.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-247-12.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.89 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (Paris, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 34.248.122.81 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.21 (None, )

ASN- ()

pixel.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.94 (None, )

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.21.141.232 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 213.19.147.44 (United Kingdom) 7 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.71.131.137 (None, ) 9 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (None, ) 3 redirects

ASN- ()

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.139.113 (None, )

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.144.114 (None, )

ASN- ()

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (None, ) 1 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.61.140 (None, ) 1 redirects

ASN- ()

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (None, ) 6 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.154.242 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.206 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.135.60 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.160.77 (None, ) 2 redirects

ASN- ()

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (None, )

ASN- ()

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.27 (None, ) 1 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.121.12.72 (None, ) 3 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (None, ) 2 redirects

ASN- ()

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.202.112.191 (None, ) 3 redirects

ASN- ()

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (None, ) 2 redirects

ASN- ()

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.23.137 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:1794:1826:a9e8:a8ca (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.60.58 (None, ) 1 redirects

ASN- ()

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.128.135 (None, )

ASN- ()

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (None, )

ASN- ()

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.63 (None, ) 2 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.42.102 (None, ) 1 redirects

ASN- ()

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.84.232 (None, ) 2 redirects

ASN- ()

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (None, ) 1 redirects

ASN- ()

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.244 (None, ) 3 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.42.132 (None, ) 1 redirects

ASN- ()

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.20.125 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (None, )

ASN- ()

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.57 (None, ) 1 redirects

ASN- ()

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (None, ) 2 redirects

ASN- ()

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.251 (None, ) 3 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (None, ) 1 redirects

ASN- ()

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.13.93 (None, ) 2 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.189.110 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.80.231 (None, ) 1 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (None, ) 1 redirects

ASN- ()

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (None, )

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	routerlogin.mobi routerlogin.mobi	531 KB
17	gumgum.com 1 redirects g2.gumgum.com — Cisco Umbrella Rank: 1545 rtb.gumgum.com	5 KB
12	pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com	27 KB
11	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net	147 KB
10	adsrvr.org 9 redirects match.adsrvr.org	4 KB
10	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 1823 public.servenobid.com — Cisco Umbrella Rank: 3540	7 KB
8	smartadserver.com ssbsync.smartadserver.com rtb-csync.smartadserver.com	3 KB
7	1rx.io 7 redirects sync.1rx.io — Cisco Umbrella Rank: 528	4 KB
7	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 241 acdn.adnxs.com — Cisco Umbrella Rank: 565 secure.adnxs.com	22 KB
6	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520 dsum-sec.casalemedia.com	7 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	11 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	outbrain.com 3 redirects sync.outbrain.com	1 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1056	2 KB
4	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 9052 g.ezodn.com — Cisco Umbrella Rank: 65356 gvl.ezodn.com — Cisco Umbrella Rank: 103019	241 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 283 pr-bh.ybp.yahoo.com	2 KB
3	unrulymedia.com 3 redirects sync.targeting.unrulymedia.com	1 KB
3	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 722 gum.criteo.com — Cisco Umbrella Rank: 369 dis.criteo.com	2 KB
3	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 16454	162 KB
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	900 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	creativecdn.com 2 redirects creativecdn.com	695 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	623 B
2	360yield.com 2 redirects ad.360yield.com	617 B
2	zemanta.com 2 redirects b1sync.zemanta.com	1 KB
2	openx.net 2 redirects us-u.openx.net	427 B
2	admedo.com 2 redirects pool.admedo.com	718 B
2	dyntrk.com 2 redirects gu.dyntrk.com	850 B
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	lijit.com 2 redirects ce.lijit.com — Cisco Umbrella Rank: 816	1 KB
2	33across.com pixel.33across.com ssc-cms.33across.com
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 645	57 KB
2	gstatic.com fonts.gstatic.com	32 KB
1	simpli.fi um.simpli.fi	610 B
1	onaudience.com 1 redirects pixel.onaudience.com	398 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	adotmob.com 1 redirects sync.adotmob.com	711 B
1	socdm.com 1 redirects tg.socdm.com	700 B
1	emxdgt.com cs.emxdgt.com
1	contextweb.com 1 redirects bh.contextweb.com	383 B
1	bluekai.com 1 redirects stags.bluekai.com	1 KB
1	deepintent.com match.deepintent.com	44 B
1	technoratimedia.com sync.technoratimedia.com	292 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	616 B
1	taboola.com sync.taboola.com	99 B
1	adgrx.com cm.adgrx.com	408 B
1	a-mo.net 1 redirects prebid.a-mo.net	311 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1044	478 B
1	rfihub.com 1 redirects p.rfihub.com	753 B
1	postrelease.com jadserve.postrelease.com	428 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4305	708 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	27 KB
1	ezoic.net go.ezoic.net — Cisco Umbrella Rank: 10357	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
128	59

	Domain	Requested by
30	routerlogin.mobi	routerlogin.mobi
16	rtb.gumgum.com	1 redirects g2.gumgum.com ads.pubmatic.com
10	match.adsrvr.org	9 redirects ssum-sec.casalemedia.com
9	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com ssum-sec.casalemedia.com g2.gumgum.com ssbsync.smartadserver.com
8	cm.g.doubleclick.net	6 redirects ssum-sec.casalemedia.com g2.gumgum.com
7	sync.1rx.io	7 redirects
6	rtb-csync.smartadserver.com	public.servenobid.com g2.gumgum.com ssbsync.smartadserver.com
5	ib.adnxs.com	4 redirects cdn4.buysellads.net
4	simage2.pubmatic.com	ads.pubmatic.com g2.gumgum.com
4	image2.pubmatic.com	ads.pubmatic.com g2.gumgum.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	sync.outbrain.com	3 redirects g2.gumgum.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	onetag-sys.com	cdn4.buysellads.net public.servenobid.com
3	sync.mathtag.com	3 redirects
3	x.bidswitch.net	3 redirects
3	sync.targeting.unrulymedia.com	3 redirects
3	cdn4.buysellads.net	routerlogin.mobi
3	securepubads.g.doubleclick.net	routerlogin.mobi securepubads.g.doubleclick.net
2	d5p.de17a.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	creativecdn.com	2 redirects
2	eus.rubiconproject.com	g2.gumgum.com eus.rubiconproject.com
2	ads.pubmatic.com	g2.gumgum.com
2	sync-tm.everesttech.net	2 redirects
2	ad.360yield.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	us-u.openx.net	2 redirects
2	pool.admedo.com	2 redirects
2	gu.dyntrk.com	2 redirects
2	pm.w55c.net	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ups.analytics.yahoo.com	2 redirects
2	ce.lijit.com	2 redirects
2	ssum-sec.casalemedia.com	1 redirects public.servenobid.com
2	ssbsync.smartadserver.com	public.servenobid.com g2.gumgum.com
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	gvl.ezodn.com	g.ezodn.com
2	fonts.gstatic.com	fonts.googleapis.com
1	pixel.rubiconproject.com	g2.gumgum.com
1	token.rubiconproject.com	g2.gumgum.com
1	um.simpli.fi	g2.gumgum.com
1	mwzeom.zeotap.com	g2.gumgum.com
1	spl.zeotap.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	image4.pubmatic.com	g2.gumgum.com
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	sync.adotmob.com	1 redirects
1	tg.socdm.com	1 redirects
1	cs.emxdgt.com	g2.gumgum.com
1	secure-assets.rubiconproject.com	1 redirects
1	ssc-cms.33across.com	g2.gumgum.com
1	bh.contextweb.com	1 redirects
1	stags.bluekai.com	1 redirects
1	match.deepintent.com	g2.gumgum.com
1	sync.technoratimedia.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	secure.adnxs.com	1 redirects
1	sync.taboola.com	ssum-sec.casalemedia.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	prebid.a-mo.net	1 redirects
1	sync.go.sonobi.com	public.servenobid.com
1	p.rfihub.com	1 redirects
1	jadserve.postrelease.com	public.servenobid.com
1	pixel.33across.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	public.servenobid.com	cdn4.buysellads.net
1	acdn.adnxs.com	cdn4.buysellads.net
1	gum.criteo.com	static.criteo.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	www.googletagservices.com	cdn4.buysellads.net
1	g.ezodn.com	routerlogin.mobi
1	go.ezoic.net	routerlogin.mobi
1	fonts.googleapis.com	routerlogin.mobi
1	go.ezodn.com	routerlogin.mobi
128	80

This site contains links to these domains. Also see Links.

Domain
www.ezoic.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.ezoic.net Amazon	`2022-01-16` - `2023-02-14`	a year	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2021-08-03` - `2022-09-03`	a year	crt.sh
ads.servenobid.com Amazon	`2021-06-28` - `2022-07-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
public.servenobid.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-22` - `2022-05-22`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-17` - `2022-10-05`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://routerlogin.mobi/
Frame ID: 7087775B1590A3DA0231ACDF07358006
Requests: 59 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=routerlogin.mobi&gdpr=1&gdpr_consent=
Frame ID: C32F87ACDA44F89A1D5C4977636D1ECE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1644043880398
Frame ID: CF82E3AF4D62B1E24B306784502C9F07
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EE6239223E65873DCDA4485C7BFA93C9
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: FA0D133D469994DC20B12FC857BBA4AD
Requests: 9 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: B4E0999010CCC1271DBF5672665FA956
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: 0FFCEAA1AC5EAE476EF3DB829C939796
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 4277F04E4D24A048370C5BC951E537F6
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 214912DA2671336594A90519B0A55849
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 81DB71B32C38A2470696947F8E7857C0
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=8af961fe-1e6c-4000-ba53-c1ca56177ac9&gdpr=0&gdpr_consent=
Frame ID: 1C0DA140D797E7549A1B34152E781AF3
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=Yf4ebAAD0trcQAAy&gdpr=0&gdpr_consent=&_test=Yf4ebAAD0trcQAAy
Frame ID: DEB09652CF6BDE00C975715AFD166A95
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83Yzg2MWM1OS02OTgzLTQzMzEtYWJmYy1jZTNhMGQwNGEwM2I=&gdpr=0&gdpr_consent=&google_tc=
Frame ID: 72D222A1D736E51F250E975190B0D1C1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 99572440D9F9BF4CEE4E4FC66F4EEE38
Requests: 11 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: B96FE6F82CBB8CC76C0CE99643975CFB
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=6401a572-60cb-4ed9-81a5-3d19db554e4e&t=1646635884
Frame ID: 0C552B41F9559C6DE3F144FCAB15B830
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: EB77C18920519131D1C4F4BC2EB336F9
Requests: 4 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 922470F0BF2206DD1C5A14D89660A1B0
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=Yf4ebMCo5swAAOVX-KYAAAAA
Frame ID: C8EB4DCADA545EC4C81952E934DAC1EE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=POnU58bCHGWrBhgDO15S&pi=gumgum&tc=1
Frame ID: FC57AD3350D3D8562A69A6DEF1AF9C17
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=7F9165C1-14A9-42A6-A226-E38DE74648F1
Frame ID: A1AE672430310A0F3C798E38D342AC17
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6574281382123060460
Frame ID: CC772FD828F17BA590541E6A2EFE84EF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8af961fe-1e6c-4000-ba53-c1ca56177ac9&gdpr=0&gdpr_consent=
Frame ID: AD920427ED4B401DC32D8E3ADFF6E627
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D27C613A43F16E064256E0AD496E189C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7061114714971043980
Frame ID: B182E3229E3B5F02D3E6516071658D9C
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=pbm&i=7F9165C1-14A9-42A6-A226-E38DE74648F1
Frame ID: 4863039EA0CD2ABEE2DEA11B67899C26
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Router Login - IP Address, Username & Passwords

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

128
Requests

74 %
HTTPS

16 %
IPv6

59
Domains

80
Subdomains

46
IPs

6
Countries

1296 kB
Transfer

3539 kB
Size

33
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 67

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=7839808446743297181

Request Chain 68

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=1fdc2bb82162b58958d073a7

Request Chain 69

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1644043883752 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4382088601 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4382088601 HTTP 302
https://sync.1rx.io/usersync/tradedesk/f1bd9932-c512-4dab-bb06-8a930dd022b4 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-298ffd67-61d4-4139-9f2c-a5b88de30941-003 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003

Request Chain 71

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5131077720559208457

Request Chain 73

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=6dadd055-282e-4507-b9e0-6cb003ebf678&gdpr=0&gdpr_consent=&us_privacy=1YN-

Request Chain 74

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-Be4BcZpE2uGWynoupU1YkhTXg90OzAHZFZmvjm8-~A

Request Chain 76

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yf4ea4dVs-LNAMBWEx1GtgAABKUAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yf4ea4dVs-LNAMBWEx1GtgAABKUAAAAB&dcc=t

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yf4ea4dVs.LNAMBWEx1GtgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyhaGDeeV9NWF_GXGZb_g0&google_cver=1&gdpr=1&google_hm=2

Request Chain 80

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=OF5yLnU91NgeUQ5&gdpr=1

Request Chain 81

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 84

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=7839808446743297181

Request Chain 85

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_7c861c59-6983-4331-abfc-ce3a0d04a03b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_7c861c59-6983-4331-abfc-ce3a0d04a03b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9cc76812-bacc-4bf8-8a25-3fd1605e020a HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9cc76812-bacc-4bf8-8a25-3fd1605e020a HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=5f6ad1f3-3062-4774-80c4-46b55ca59b5c&user_group=1&ssp=gumgum2&bsw_param=9cc76812-bacc-4bf8-8a25-3fd1605e020a HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=9cc76812-bacc-4bf8-8a25-3fd1605e020a

Request Chain 86

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28WhmKM2gSQ1qY0GzlbbCW_0kwfs5JpwAmnpcDN7An-0MzyJO2zxjAfwMt3lgwS-Te%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28WhmKM2gSQ1qY0GzlbbCW_0kwfs5JpwAmnpcDN7An-0MzyJO2zxjAfwMt3lgwS-Te%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_7c861c59-6983-4331-abfc-ce3a0d04a03b&obuid=ENC(WhmKM2gSQ1qY0GzlbbCW_0kwfs5JpwAmnpcDN7An-0MzyJO2zxjAfwMt3lgwS-Te) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=WhmKM2gSQ1qY0GzlbbCW_0kwfs5JpwAmnpcDN7An-0MzyJO2zxjAfwMt3lgwS-Te HTTP 302
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7839808446743297181&obUid=WhmKM2gSQ1qY0GzlbbCW_0kwfs5JpwAmnpcDN7An-0MzyJO2zxjAfwMt3lgwS-Te

Request Chain 87

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=eb578b3b-390d-44e5-9153-8574634e8062

Request Chain 88

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-7944fa05-d009-4006-6b9b-4715b011ae8b$ip$217.114.215.133

Request Chain 89

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-dpyCtvVE2pf1xqAP_rDcFPGde0On41HKwiQH~A

Request Chain 90

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=08a0bbee-8650-11ec-8157-6f1d48b2cc96

Request Chain 93

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_7c861c59-6983-4331-abfc-ce3a0d04a03b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://stags.bluekai.com/site/23178?id=b2XpJN9FquL5B__8_16E&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YRSLBYEUTRZIZYXKTBVIJPV6OC7GE3EKJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YRSLBYEUTRZIZYXKTBVIJPV6OC7GE3EKJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=b2XpJN9FquL5B__8_16E&us_privacy=1---

Request Chain 94

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=362655c4-54c7-4f40-a7da-1ede175daab4

Request Chain 95

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5983921673 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5983921673 HTTP 302
https://sync.1rx.io/usersync/tradedesk/6401a572-60cb-4ed9-81a5-3d19db554e4e HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-298ffd67-61d4-4139-9f2c-a5b88de30941-003 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003

Request Chain 96

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=3Hy0pqPUsEi1&ev=1&pid=558355

Request Chain 99

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=8af961fe-1e6c-4000-ba53-c1ca56177ac9&gdpr=0&gdpr_consent=

Request Chain 100

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Yf4ebAAD0trcQAAy HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=Yf4ebAAD0trcQAAy&gdpr=0&gdpr_consent=&_test=Yf4ebAAD0trcQAAy

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83Yzg2MWM1OS02OTgzLTQzMzEtYWJmYy1jZTNhMGQwNGEwM2I=&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83Yzg2MWM1OS02OTgzLTQzMzEtYWJmYy1jZTNhMGQwNGEwM2I=&gdpr=0&gdpr_consent=&google_tc=

Request Chain 104

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=6401a572-60cb-4ed9-81a5-3d19db554e4e&t=1646635884

Request Chain 105

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 107

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=Yf4ebMCo5swAAOVX-KYAAAAA

Request Chain 108

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=POnU58bCHGWrBhgDO15S&pi=gumgum&tc=1

Request Chain 110

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4020974057525123100&gdpr=0&gdpr_consent=

Request Chain 111

https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0745220403b7c551dec721bb&gdpr=0&gdprConsent=

Request Chain 112

https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACSQk7D_D0AAG8tqNtwwA&gdpr=0

Request Chain 113

https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1971346236 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1971346236 HTTP 302
https://sync.1rx.io/usersync/tradedesk/c51dc446-48f0-4019-ade2-d9c2a9f2bb88 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-298ffd67-61d4-4139-9f2c-a5b88de30941-003 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003

Request Chain 117

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6574281382123060460

Request Chain 118

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8af961fe-1e6c-4000-ba53-c1ca56177ac9&gdpr=0&gdpr_consent=

Request Chain 120

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7061114714971043980

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f5FlwRSpQqaiJuON50ZI8Q%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 123

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8af961fe-1e6c-4000-ba53-c1ca56177ac9

Request Chain 124

https://pixel.onaudience.com/?partner=214&mapped=7F9165C1-14A9-42A6-A226-E38DE74648F1 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=b867544b685a019e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=86ff8722-d9b3-4250-5695-70f33fa0409e&reqId=acb56529-36ec-49f2-57c9-2cfaa54ffc5a&zcluid=b867544b685a019e&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEB_fbsJQmKc0tNmAllqIy1Y&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=86ff8722-d9b3-4250-5695-70f33fa0409e&reqId=acb56529-36ec-49f2-57c9-2cfaa54ffc5a&zcluid=b867544b685a019e&zdid=1332

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0Y5MTY1QzEtMTRBOS00MkE2LUEyMjYtRTM4REU3NDY0OEYx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMKrtfogwZgzjCjpTHIP_SU&google_cver=1

Request Chain 128

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2400424574025026460

Request Chain 129

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c51dc446-48f0-4019-ade2-d9c2a9f2bb88

Request Chain 130

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7839808446743297181&gdpr=0&gdpr_consent=

128 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
routerlogin.mobi/ 217 KB
52 KB 386ms
328ms Document
text/html 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://routerlogin.mobi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc9c4a9769ce8ca48cd9e9c5c3c4fcd83d2fb4b1ba782f7a7616061b2d03c7e9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 05 Feb 2022 06:51:18 GMT
content-type: text/html; charset=UTF-8
age: 9891
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
display: pub_site_sol
expires: Fri, 04 Feb 2022 06:51:18 GMT
last-modified: Fri, 04 Feb 2022 11:36:53 GMT
pagespeed: off
response: 200
vary: Accept-Encoding X-Forwarded-Proto,Accept-Encoding
x-cache: HIT
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-sol: pub_site
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rophpwQeG%2BUhAaTWoAM5IUbVxDP0LdmrmcKIDSIxS25EOAUR%2F83rOzi1%2BwgTc3VZ1MZ7%2FaN5wqECg1SU032gNw7PR%2FNiOUvP70yh1AQw9lJjYINM%2F2KLwABF2%2B77Zbnut2k8pHIWf94jHCNsRAtv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d8a359f9e1991ed-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 68ms
25ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: routerlogin.mobi
URL: https://routerlogin.mobi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

10a7e524db359a94a66ea75b97e81a52932f0e10a04deabb49fb73ec5d038946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27225
x-xss-protection: 0
server: sffe
etag: "1122 / 430 of 1000 / last-modified: 1644015869"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Feb 2022 06:51:18 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 291 KB
87 KB 82ms
35ms Script
application/javascript 2606:4700:3031::6815:496e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,sharethrough,yieldmo&cb=195-0-33
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5bdcdde411d51b2c8592667fbfa1ebb428a7c28624b1cbe780fc3c1b47305ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Jan 2022 01:30:27 GMT
server: cloudflare
age: 2697651
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sqh%2FU67I2ljD%2Bqw5zSv%2FwdnKg7ByaEl0xdKI3bDNVb%2BaTkSYgGLPw%2B8GISjJM2dO3akmy7SWisDdwoYqE461Z6pn1m%2BnWpYfTES2Gl%2FxKoLfNSMoKyK%2F6WyKp01Ef6tabQMD6skSQ6ocmtM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8a35a21ce168f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 7f9679a7f570c9a2823e8d4167919651.css
routerlogin.mobi/wp-content/cache/min/1/ 133 KB
23 KB 109ms
108ms Stylesheet
text/css 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://routerlogin.mobi/wp-content/cache/min/1/7f9679a7f570c9a2823e8d4167919651.css
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc3d889abf85e587e7e6faeb30c96c2df6d31b583ccf3d73cb2787ebfa372106

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:18 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
x-sol: orig
response: 200
last-modified: Sat, 05 Feb 2022 05:11:12 GMT
server: cloudflare
etag: W/"61fbc49f-2151b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qp3luqvSeIvQxQ2TDWJQaTmuBCxuy%2FGiHgNLm2Egbef7tWSVuhry0NQlpUsSH6sMzcx8eiMoZBWn6T1U%2F2Ld3sgWkHKYBWq4YA%2BAKWc%2Ff7EPfGHaP9ZsvJAL%2BFNtjgb5%2BQKkIT%2Bw5sdmy7T%2FVxXw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=2592000
cf-ray: 6d8a35a1cb2691ed-FRA

GET
H3 200 banger.js Show response
routerlogin.mobi/porpoiseant/ 53 KB
13 KB 103ms
102ms Script
application/javascript 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://routerlogin.mobi/porpoiseant/banger.js?cb=195-0&bv=102&v=57&PageSpeed=off
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f17f709d860874aca8922d177216f8b50d0437346550892b3138eaa9bb2961ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 05 Feb 2022 06:51:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUGCu9OwZIAkndIFMpLfVafOFkZ2C7xt6o0gB9SvOpV0eBEaejrEnQDoVt7RmTO8HPOKLnr4CYugvJg8L7TZhZwji6i8L6nqgRq7gD8fOaFjGyvSPWL4%2FTVcGygXaiguEgdHlqJibVqQD2uFHZS8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8a35a26f369012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: noindex

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 76ms
34ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C&display=swap

Requested by

Host: routerlogin.mobi
URL: https://routerlogin.mobi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c0c6175278a9af9636b961d65cdd18841671e678071edce1c9784b318759233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 06:51:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 05 Feb 2022 06:51:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Feb 2022 06:51:18 GMT

GET
H2 200 consentsettings.js Show response
routerlogin.mobi/detroitchicago/ 1 KB
968 B 71ms
71ms Script
application/javascript 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://routerlogin.mobi/detroitchicago/consentsettings.js?cb=2
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 05 Feb 2022 03:59:20 GMT
server: cloudflare
etag: W/"5be-5d73d64666836;5d73d64666836-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ok%2Bd4Ekq9E2fXTRPdELmo%2BNH4e8ZUxH2gJjNHYR7cLSQ3ahmNQhdO1NBTPFv7gxy4%2FCit31Qf9wPWXFai%2FJdhvSv63jdYqkn0BcFo%2B8AGOb4InQMzFTMzZo5YiwE%2FkX2DE3aPti4f2hsGoyrO7PA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8a35a1db5291ed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: noindex

GET
H3 200 cmbv2.js Show response
routerlogin.mobi/detroitchicago/ 41 KB
12 KB 66ms
65ms Script
application/javascript 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://routerlogin.mobi/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y0b-5y0d-14y13-3y17-4y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x21x34x57
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ed42228a7839dff5fdd6848684498358c3fda443d6c3313c5e2f7968796f45c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 05 Feb 2022 06:51:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHUnz7KJ5KfyvbhAYNK6QXZVwkOjH3U1ZO0xR1Io15TUOMxYocchxCMB6jg4fbhyWsGRLDNOBuRtH6c%2BMeDVXjoUxzAQUxM2%2FIOp7ceepcXTFr4p6YMVTdi4TqRd8oMgCM2NR5L6OOrWzFUCC9mf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8a35a26f3a9012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: noindex

GET
H3 200 lazyload.min.js Show response
routerlogin.mobi/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 33ms
32ms Script
application/javascript 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://routerlogin.mobi/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Sep 2020 13:29:33 GMT
server: cloudflare
age: 928972
etag: W/"5f6364bd-1ed2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRfwspHHqlTGtnojzEHsXc35BNr0UPHaJ1ne%2BrCBfieNKA9EnL%2BcAtYfega6L7ndV1NFNqTHwWLF3%2FYJReeKRiPwlqCga1qMUZpXk38jfDSn10mpb6FNdMsab95w1x%2BhfALKVSzY0olMfftqmr2c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8a35a26f3b9012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 8f21bcccb1d680db5dd5b0885ea65808.js Show response
routerlogin.mobi/wp-content/cache/min/1/ 314 KB
82 KB 185ms
184ms Script
application/javascript 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://routerlogin.mobi/wp-content/cache/min/1/8f21bcccb1d680db5dd5b0885ea65808.js
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 674c7218dcf4a06572cea948f88ae04399fa35b91a5d2b7b57999427e8cab7c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:18 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Sat, 05 Feb 2022 05:11:22 GMT
server: cloudflare
etag: W/"61fbc49f-4e993-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cfV92Zks3Z5iup4MyqCCOBdlUwHyoDzQ51rM%2BjhChDti7EXu3bwBU%2FICgSgrMpAwYuUwaezEZvnuhJKmRFJYdf%2FWVDkg%2BCJhTcdaXYrLsjI%2BFj4XfwzrN4UV5nwGQRPR4MEcBnX%2F9%2FTA4DZHXpC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6d8a35a26f3d9012-FRA

GET
H3 200 ezcl.webp Show response
routerlogin.mobi/utilcave_com/inc/ 1 KB
2 KB 88ms
87ms Script
application/javascript 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://routerlogin.mobi/utilcave_com/inc/ezcl.webp?cb=4
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:18 GMT
content-encoding: br
cf-cache-status: BYPASS
x-sol: middleton
server: cloudflare
display: staticcontent_sol
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ee7GVsKJLezPSJk1JQIdLhC7QC7f3%2BGB8UG1%2BMnYAJGyjgSLWDwjSQRMCc0nDz7X%2FZZCM4OXa1D1Uh76Dsa7W1NFOVl2ghQwtoZM6N67wxn%2F8KlIKE1UYabrfbjscesGjj3XeMM17vpFqEfvCTJ3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: staticcontent_sol
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8a35a26f3e9012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pubads_impl_2022020101.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
119 KB 44ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 23:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121756
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 09:38:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Feb 2023 23:49:21 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 35 B
75 B 53ms
27ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=routerlogin.mobi

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef19b5f26aa49fcbd1901fbb9b5cc5da79d1d26a4c4ef31f387ca69769cc2016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 06:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51
x-xss-protection: 0
expires: Sat, 05 Feb 2022 06:51:18 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc57e47e638c9588240238e4fdd2f94ed6e7e97bda7a04a226afdb82b5274e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6866db878c8c80f02f27270d1aa4e85f988fb535d9cd9d4541b5b76c6e805be4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 346e1b927246849bc11cc69c9df8cab8ebdd6c8db92b5f57730cb58f07ce57d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 84ms
28ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://routerlogin.mobi
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 297803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 20:07:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 85ms
30ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://routerlogin.mobi
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 301889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 18:59:49 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a23433b413a1cdfb998ee5461557fa061ab84972314aa4636ad3920201978c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 genericons.css
routerlogin.mobi/wp-content/themes/revenue-pro/genericons/genericons/ 28 KB
16 KB 36ms
36ms Stylesheet
text/css 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://routerlogin.mobi/wp-content/themes/revenue-pro/genericons/genericons/genericons.css
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/wp-content/cache/min/1/7f9679a7f570c9a2823e8d4167919651.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/wp-content/cache/min/1/7f9679a7f570c9a2823e8d4167919651.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Jan 2020 09:25:24 GMT
server: cloudflare
age: 55810
etag: W/"5e2ffe04-6e6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lzc%2F83gRKtYAYCRkpoh1bfTnKuufWiIUl2b%2FAJynH83cTJrRV6iRNITsb6F2cje9a6vx15oQbQDhyh3hAIPEAjRDrKRzRmI9%2FVOI%2FvbnMckPA1tbCYDQpuSDEyeSXIlMnuK2MxZuad93vhcMQR%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8a35a308419012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 142ms
17ms Image
image/png 2600:9000:2250:e000:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e000:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 07:27:28 GMT
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
x-sol: middleton
age: 429831
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: YjpQKidQGJKeA_l7VzsZ6JLKN1cG2_yXBftdwDvmRsBA5-FuhzGkeQ==
last-modified: Mon, 24 Jan 2022 07:07:18 GMT
server: nginx
etag: "49d-5bd497273b080-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA60-P2
display: staticcontent_sol
expires: Mon, 07 Feb 2022 07:27:28 GMT

GET
H3 200 houston.js Show response
routerlogin.mobi/detroitchicago/ 4 KB
2 KB 114ms
113ms Script
application/javascript 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://routerlogin.mobi/detroitchicago/houston.js?gcb=0&cb=16
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 05 Feb 2022 06:51:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QiPpe%2BGhIdzjqQPigV5uyaXA8aaAFETvbq1EqOisqA4vTcp%2F5k0AvCGVv5tbW%2FjV%2BVc%2BXQGETh%2FdmcMFhnCuhOwgM5SRFQA2QopJ%2FagfUtlX4t7QNMh9osukwQwVwUQbL%2FEtGWVWN%2BZFdbWyrU0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8a35a328689012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: noindex

GET
H3 200 imp.gif Show response
routerlogin.mobi/detroitchicago/ 43 B
666 B 219ms
217ms XHR
image/gif 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://routerlogin.mobi/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A-1%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%224%2C3%2C35%2C22%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A5%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A4%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A4%2C%22domain_id%22%3A212534%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1112%2C1117%2C1122%2C1123%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%228ecc45d0-0755-41d2-68d5-0c0386abdfa9%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A91261%2C%22response_time_orig%22%3A28%2C%22serverid%22%3A%2213.38.50.176%3A21154%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221100%2C1112%2C1117%2C1122%2C1123%22%2C%22t_epoch%22%3A1644043878%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Frouterlogin.mobi%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A888%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y0b-5y0d-14y13-3y17-4y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x21x34x57
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0Zo6MCKqToOzr8x2Jf37xZBh7jMJwjWMnONG8AjUgmDsiHWb3%2BCj6F%2Bxzd4Zf2Dgk%2FR7mZxRXrNCoIU0NwWC18xd1%2B0hX4YNTXNBKq7QcmWKYS9Q%2FyaFzt3W%2Bvx7LPOmM0gVEnsu4Yr3%2FODQnGN"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 6d8a35a358a99012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Fri, 04 Feb 2022 06:51:18 GMT

GET
H3 200 cmbdv2.js Show response
routerlogin.mobi/detroitchicago/ 47 KB
12 KB 81ms
80ms Script
application/javascript 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://routerlogin.mobi/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-5y0c-5y18-4y35-23y58-21&cmbcb=20&sj=x03x0cx18x35x58
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89d399788a1975154c815e157b1a20be418d3ce47320921dde3126f5c95b8f0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 05 Feb 2022 06:51:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEsil7ea%2FWUFz10ySyFfXBI8pwLW5%2BLBKx%2FXvFGqx5%2BGnx32y6caYEGAOeC1MEZALRrOOzzBbI56R%2FqLGbjNB5AuRkR3XOsT3n3UoExizty2HRaevpgdziA6OF87m%2BTJab%2F96eevbI0cMFfCzwnq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8a35a358ab9012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: noindex

GET
H3 200 genericons-regular-webfont.woff
routerlogin.mobi/wp-content/themes/revenue-pro/genericons/font/ 17 KB
17 KB 69ms
68ms Font
application/font-woff 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://routerlogin.mobi/wp-content/themes/revenue-pro/genericons/font/genericons-regular-webfont.woff
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e1536ec01be2959f60ab02b0194f62521734031080914187efc25e482fefdc9

Request headers

Referer: https://routerlogin.mobi/
Origin: https://routerlogin.mobi
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Jan 2020 09:23:33 GMT
server: cloudflare
age: 157305
etag: W/"5e2ffd95-4348"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fz4huXe%2B3OodjYJdzUvui3JwrO4XPaIYxg6jwVld45ZNMCGFdtLAJjAQwIWY8wFO5QpTU%2Bzv3AYNaN%2FQmJTVW1KSBPekg65PjznpESev8ixgm2EVruns%2B%2B8dYoV%2FaRfFDWWqQjlLgXNfLwBo2aol"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8a35a368be9012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://routerlogin.mobi
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 RouterLogin-mobi-logo.png
routerlogin.mobi/wp-content/uploads/2020/09/ 537 B
1 KB 33ms
33ms Image
image/png 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/uploads/2020/09/RouterLogin-mobi-logo.png
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c55a4429122b3e84a62473afe3d95c12b9cc976f3911bb9e0ee36e44b75125e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 930556
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 537
last-modified: Tue, 22 Sep 2020 13:23:59 GMT
server: cloudflare
etag: "5f69faef-219"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whHUlI5I25XcjyjpErbaGNwKeTNx6%2FS4Bala9hY6bASwhFP7C3ppB1L2ZB8LoyFOkA3v5iMteiMlioecyN4V9IpwXVRyzkbIefwa8rdU9fjum5dqp7uQf5uDSAnidgiUlrPT7zcKtlfubOFz6sVP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6d8a35a3b9359012-FRA

GET
H3 200 Tp-link-router-not-working-after-reset-250x250.jpg
routerlogin.mobi/wp-content/uploads/2022/02/ 15 KB
16 KB 146ms
145ms Image
image/jpeg 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/uploads/2022/02/Tp-link-router-not-working-after-reset-250x250.jpg
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5996e61a10b88aad0af79925937cbf2f1b8caa6b4a471fba4d6f0a290b6d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Sat, 05 Feb 2022 05:11:21 GMT
server: cloudflare
etag: W/"61fa5d70-3de9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkU5Q0NDXTioj3WZdeKDoC8Vmv6xZiHhRSGlTwdOvaQgyzG4RR5%2FcE7oOxte4Xu8YHgwugSow9u59mQgcRL6gxp%2BywJJornDoekZT36v0hKy48DUaRDAghtEHG0UZPQH1AxjPpB5WniqYQ1Hn3GI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-ray: 6d8a35a3b9369012-FRA

GET
H3 200 nmash.js
routerlogin.mobi/porpoiseant/ 24 KB
7 KB 58ms
58ms Other
application/javascript 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://routerlogin.mobi/porpoiseant/nmash.js?v=102
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Feb 2022 14:11:24 GMT
server: cloudflare
etag: W/"6003-5d731d3738e7c;5d731d3738e7c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQMoz%2FrknFrpvG5QE%2BAubz7AY%2FK0T5vlpXvP5O%2F7y8MMvQI9fMquuRdBevrKpk7r%2BI6rf9OjElYKDeGnegZZg1k8f6n3MvbeY514Sqw%2BQox55KW1ukd%2BcLg79RV2%2B6%2FGKYNeeGW7hVaqxHsRGil6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8a35a3b9379012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: noindex

GET
H3 200 192.168.10.10-740x414.jpg
routerlogin.mobi/wp-content/uploads/2021/01/ 60 KB
60 KB 136ms
136ms Image
image/jpeg 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/uploads/2021/01/192.168.10.10-740x414.jpg
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4132ba42b3e47aa757cdf63b1b9bcead2ab6c9133e21ecc2a62fa04b2374a81b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 04 Feb 2022 07:10:16 GMT
server: cloudflare
etag: W/"5ff054f1-eec0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhgvZ1Coyte9VLN6DERWNAVo3pS5%2FTnbjDW5egrP6Nu67yHV%2BYROOB8lfOMH4Ob8LIYPWemm0djujzIAVZbKyaRDv6lLntT79uch3UqpDwA%2BrN2HhZ0%2FbRivNmtOWceqIYxzd8gioJZCdHlufZ4e"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-ray: 6d8a35a3b9439012-FRA

GET
H3 200 fios-internet-not-working-250x250.jpg
routerlogin.mobi/wp-content/uploads/2022/01/ 22 KB
23 KB 136ms
135ms Image
image/jpeg 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/uploads/2022/01/fios-internet-not-working-250x250.jpg
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8047ef3363ea19e0cf1be2bbadfeaf4875382deeb6e1b8ac399fe88c435ef92d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Sat, 05 Feb 2022 06:11:37 GMT
server: cloudflare
etag: W/"61f7cd15-599d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2W4Yx8KkOc39e3dpOMSSFdUzcjMX7qjrWhGVNn2INwwRL98%2F3CED%2F8IaxzKJrFxYk9qeABBwcLrjdmqmymYBk7aDGmv1XlZaMQSSXaLCV7IP1RaTR%2F6XyyPKRt3QNbAiTV4fFCsy1IV4PhVkobpy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-ray: 6d8a35a3b94c9012-FRA

GET
H3 200 192.168.1.128-300x163.jpg
routerlogin.mobi/wp-content/uploads/2019/01/ 11 KB
12 KB 97ms
97ms Image
image/jpeg 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/uploads/2019/01/192.168.1.128-300x163.jpg
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0d208d7068dbc077fa426bcdb41d8933fec3cd544d556e67ebde19908004c34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 04 Feb 2022 13:12:11 GMT
server: cloudflare
etag: W/"5e2ffdf2-2c48-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGMn0bc6%2Bd5%2FLgsS5wHczknbAZtWLblsBXD1nYwqGrrY5yWH42%2Bt%2BDJj1jMORfAqMXuaJ6yyPeEmKg0i%2Bw8DlCQF02%2B2j78glgMgdeECrAbEV6T08DWj8OscAcLX7VV%2B2HZBkGYCY71V6KrJEF2g"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-ray: 6d8a35a3b94d9012-FRA

GET
H3 200 192.168.1.1-250x250.jpg
routerlogin.mobi/wp-content/uploads/2019/02/ 20 KB
21 KB 104ms
103ms Image
image/jpeg 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/uploads/2019/02/192.168.1.1-250x250.jpg
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1db1ea93e232449098528c5365e9256091b6204140acff3e9690fedc07c09a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 04 Feb 2022 10:11:14 GMT
server: cloudflare
etag: W/"5e2ffde7-4fce-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tN5kp87TeXZfvFgz1hJ1HtTao9kQ4JSxvhYDFGWh1XGXlixhuvkR74t85hZ0j96HUN%2FfCbvKKp9JDs6yuh8BtSFvbaVCNJgZMiQzHtKyVdQYlF53IrMNd1UGycZ6aUlbmEs9VsBmKac753%2Fj4x%2BY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-ray: 6d8a35a3c9509012-FRA

GET
H3 200 192.168.0.1-250x250.jpg
routerlogin.mobi/wp-content/uploads/2019/02/ 20 KB
21 KB 124ms
123ms Image
image/jpeg 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/uploads/2019/02/192.168.0.1-250x250.jpg
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c7487ce8c14812a63576a5c50327c7bc94608c7a901a29fad7f2e2697b8d93d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Sat, 05 Feb 2022 03:59:15 GMT
server: cloudflare
etag: W/"5e2ffd0f-5031-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJnmfDvekCvwRQB2SJH0egMNX%2FKldtAU3UWrvPu5EqgISRD5tvRprhjCU%2FZO7G2ufdm9pd8%2FsBkmKOtQmWnt6SDJRQZRmUi85%2Bs9rWSVwAI%2BP68unKYvSXU5VYlJssBrk03hdrpmM5N1yWcTxC%2F%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-ray: 6d8a35a3c9529012-FRA

GET
H3 200 192.168.254.254-300x163.jpg
routerlogin.mobi/wp-content/uploads/2019/01/ 17 KB
18 KB 128ms
127ms Image
image/jpeg 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/uploads/2019/01/192.168.254.254-300x163.jpg
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b167dddc88154510036c6ea8e0e5d4ab86ff9ad54257fe589b4da63260a22438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Sat, 05 Feb 2022 06:05:16 GMT
server: cloudflare
etag: W/"5e2ffd61-4418-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46hzqZLbWprd7qa8JDjr4iB03XuZJY09HIHXNngA%2BH%2FxHIg%2Fh8SLIxB1OapCWzcTlp%2FvGfiGzDfMLxuz4qS0JUXbzWVApbsD%2BrycAZpvOHQmgj5faszHpUx5iR%2Fy8gYsdaKnXFdhxRsGmvLevVNx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-ray: 6d8a35a3c9539012-FRA

GET
H3 200 192.168.0.100-1-300x163.jpg
routerlogin.mobi/wp-content/uploads/2019/01/ 12 KB
13 KB 124ms
123ms Image
image/jpeg 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/uploads/2019/01/192.168.0.100-1-300x163.jpg
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b079914b081d961cd0112fdfff5064ce085a9064dcfc45d7c8a0e2cd853fc477

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Sat, 05 Feb 2022 04:11:23 GMT
server: cloudflare
etag: W/"5e2ffd65-311d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mk90mI%2FsVO4TV9W%2BrE6iVxJ3FUBKVPdAikMdSar1QlskdBdRv1zQys3INQS84j8biqSQ%2FY9o5eZ8vxpr8MpM1nUb2Kv4kbYv1pkpjtUV%2FPtthH2tB323gB8mOOY1uPzLUOoa2e51amnR9mvb3myo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-ray: 6d8a35a3c9549012-FRA

GET
H3 200 192.168.0.2-300x163.jpg
routerlogin.mobi/wp-content/uploads/2019/01/ 11 KB
11 KB 117ms
116ms Image
image/jpeg 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/uploads/2019/01/192.168.0.2-300x163.jpg
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b705e5c0bc265bde920042296b02bb099b6cd42761a3c184bfae338c02252234

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 04 Feb 2022 06:11:25 GMT
server: cloudflare
etag: W/"5e2ffdfc-2b2b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jn0Pnwzh76SiokJdHFGcSuM8BqkHgWGw48oBEozXRNuf3iHluFe4egQ6ZpHx0RTYlutUzZT8XBdF9aGrZjPBWAze%2FEmpl1ky04IVtzZ160gB%2FRyxqxghzWle4xR4WhBDNsq0QYr8B5azhNO1wlYA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-ray: 6d8a35a3c9589012-FRA

GET
H3 200 192.168.1.102-250x250.jpg
routerlogin.mobi/wp-content/uploads/2019/01/ 20 KB
21 KB 138ms
137ms Image
image/jpeg 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/uploads/2019/01/192.168.1.102-250x250.jpg
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96ffefb8001a78607c1aa3674841f47cdea84032ce51cdf0af0323e5ee450b35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Sat, 05 Feb 2022 03:12:30 GMT
server: cloudflare
etag: W/"5e2ffd92-50e3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOR0dJvTbO61rFQTsHJJAsS%2FW0eETX4ORV2AnpTU0sqqGAVA6UNMU2kgWs0iwNBE%2F3%2FIYSGM%2FqewuyzdW57N2m13VsyqWTlNOx5v%2FI6to8SYtdoAeEEyXvBpaRuTIOksToge3e5hWtJrv6HBC6zF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-ray: 6d8a35a3c9599012-FRA

GET
H3 200 192.168.1.100-300x163.jpg
routerlogin.mobi/wp-content/uploads/2019/01/ 11 KB
12 KB 110ms
109ms Image
image/jpeg 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/uploads/2019/01/192.168.1.100-300x163.jpg
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11f7468655f6d31e77167b28435f78e910c0f123f0be63753a43b7b98c08332

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Sat, 05 Feb 2022 05:11:17 GMT
server: cloudflare
etag: W/"5e2ffdcb-2c4f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIYjzPYJH15kdHi3cW9kZPpUA3nLEjQttUqvpgmgENT5CsLM6d1XAFjMPBrcsH0hEUu7TcLf46l438ViikNzgl27OdYSnbx2lXDSZa8ztYvOuCTZrufIlyf1rdm6pUzuMhqyr54Z8zG83H3c%2F7eX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-ray: 6d8a35a3c95a9012-FRA

GET
H3 200 192.168.1.7-300x163.jpg
routerlogin.mobi/wp-content/uploads/2019/01/ 11 KB
11 KB 83ms
82ms Image
image/jpeg 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/uploads/2019/01/192.168.1.7-300x163.jpg
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 280fa1716bd460ab1b8d9ae4aae5f04d7a34432622714d09e82b0225f7978eab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Fri, 04 Feb 2022 07:10:17 GMT
server: cloudflare
etag: W/"5e2ffda9-2ab2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0HOTreGkrzf9E3iPwvlYg9dgTr%2BqtlW3z9NAoiROMk2oXz%2BQasDQ7%2Ff0xZa%2Bho5yR8abBf46751nS07k3EJgjviZ5m2CeQNJlJRn%2F3ROrc1ML0rjgLZjBLRyLzBz1trtaNfBbc8cpe%2FqgKQ%2F9OY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-ray: 6d8a35a3c95c9012-FRA

GET
H3 200 192.168.8.1-250x250.jpg
routerlogin.mobi/wp-content/uploads/2019/01/ 20 KB
21 KB 130ms
130ms Image
image/jpeg 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/uploads/2019/01/192.168.8.1-250x250.jpg
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 049df80f0becc4a69cebc35531cec8f25bcb36fde3d2d05af82f7f3ae6bef5ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Sat, 05 Feb 2022 04:11:25 GMT
server: cloudflare
etag: W/"5e2ffd6b-505e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljmLr4jLg7pstD0BaWM1E3Ij91Cm4vHSW9hJ4Ab6Y8Jm%2FKk9aDG%2FJ9KjZSY60uj280OhrHbFHHVOy7cT0y8q9wevuO4Uk1PTtpYa14e9H6GbMp4ILtLcmRwYufjhAXOszxqWXnqBuv19sGU0%2BDT6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-ray: 6d8a35a3c95d9012-FRA

GET
H2 200 routerlogin.js Show response
cdn4.buysellads.net/pub/ 466 KB
161 KB 525ms
459ms Script
application/javascript 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/routerlogin.js?1644043800000
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/wp-content/cache/min/1/8f21bcccb1d680db5dd5b0885ea65808.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: bca70519e5992c095417b2684a34d34bc8ee3eb4aa49fd1361a8fe64efddbc5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
content-encoding: gzip
last-modified: Fri, 04 Feb 2022 21:07:35 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 8H6AZQPA2N12EEWE
etag: W/"f1c55807adfe9409173958660ceed3c2"
x-cache: MISS
content-type: application/javascript
cache-control: max-age=31104000
x-amz-id-2: DNALuX95Oa1FbWgxFUSHCl6yH1UoKDSK+U2VXXBb8GPqD2Lkw1jqPgKu8NKOYLaedXwdmOyDVdg=
expires: Tue, 31 Jan 2023 06:51:19 GMT

GET
H2 200 cmp.js Show response
g.ezodn.com/cmp/v2/ 399 KB
108 KB 107ms
37ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezodn.com/cmp/v2/cmp.js?v=50
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7360356b5ade646c718574599e78e4216c1e0979278ea730bd0b5ab9d3032f9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 Jan 2022 23:11:19 GMT
server: cloudflare
age: 326624
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDW4ofTb0YG0t8FLrQgD1rO%2FGh1mDDFOLXmdTyPNrSSk7mLr86SoQBGkUS1QKFGpEJGaiOQHvc3TNiuM4Z8o6ii8oESqGiwRAKSsejhOTMhmrxBZweNHrghRPKR4ADvJ8BqU8aJfjHa%2FbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d8a35a49f9f9237-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bx_loader.gif
routerlogin.mobi/wp-content/themes/revenue-pro/assets/img/ 8 KB
9 KB 86ms
85ms Image
image/gif 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/themes/revenue-pro/assets/img/bx_loader.gif
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/wp-content/cache/min/1/7f9679a7f570c9a2823e8d4167919651.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/wp-content/cache/min/1/7f9679a7f570c9a2823e8d4167919651.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Sat, 05 Feb 2022 03:12:30 GMT
server: cloudflare
etag: W/"5e2ffd0b-2185-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2JsoUVSK0sgpxTvFwcJDeNf%2BHmpIJj9Kw2y%2B8ifIjROCA8s01gmPAB72MPLRWfnrokQUq22CIL5qEMA0cZQFxhHJQqGFk7ZmUnYmxA4l6phYe25PyeZ%2FwZxYYGzhIuT71uz6sfeRDmRCrsV5u72"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000
cf-ray: 6d8a35a45a209012-FRA

GET
H3 200 btn-nav.png
routerlogin.mobi/wp-content/themes/revenue-pro/assets/img/ 17 KB
18 KB 87ms
86ms Image
image/png 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://routerlogin.mobi/wp-content/themes/revenue-pro/assets/img/btn-nav.png
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/wp-content/cache/min/1/7f9679a7f570c9a2823e8d4167919651.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a83a3b3cd267f15e25444e8f1df1e6d325e65990d3db5f209dc71c96350c946

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/wp-content/cache/min/1/7f9679a7f570c9a2823e8d4167919651.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Sat, 05 Feb 2022 04:11:25 GMT
server: cloudflare
etag: W/"5e2ffd71-45e1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUSUZsdHckzXxtczVWwDSMizPdo3lW%2F%2FZdXTv3XXyitBnaXUxjVijcaNg6X4i%2FjTTulH3443d5LntyPzBFQF6Cu1NXdajnRLthqduQtqjmTNf9XsXDQxT1faMCEhVgXQ2go1GI2i663jkkX2Pdn1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
cf-ray: 6d8a35a46a389012-FRA

GET
H2 200 GVL Show response
gvl.ezodn.com/gvlcache/ 303 KB
40 KB 90ms
42ms XHR
application/json 2606:4700:3031::6815:496e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gvl.ezodn.com/gvlcache/GVL?gvlSpecificationVersion=2&language=en&cmpv=57
Requested by: Host: g.ezodn.com
URL: https://g.ezodn.com/cmp/v2/cmp.js?v=50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d407b4aacf72b6c31852d64dd3df6814574b4c659e5501701c68f4cf88cf1f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
gvlcache-hit: true
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1JW7c0qKGznLpm3mHbsP3EuS9HtTGUDtJO4%2F7EBAZKS0Uj2u4VL1b5vrt26%2BuwaFaLXuITxgq%2F1U39c8RwnB9pnSM24OEZZ8Neiw5jEcOEYvdyBNcqaxQgHiR%2BERUGvnmYLPq9QyXRbJePx"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf-ray: 6d8a35a578825c92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 GVL Show response
gvl.ezodn.com/gvlcache/ 31 KB
6 KB 59ms
38ms XHR
application/json 2606:4700:3031::6815:496e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gvl.ezodn.com/gvlcache/GVL?gvlSpecificationVersion=2&language=de&cmpv=57
Requested by: Host: g.ezodn.com
URL: https://g.ezodn.com/cmp/v2/cmp.js?v=50
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baa40a59a2c497a69a81f2cf5851021aa12d71702570d344e54345399d06b71b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
gvlcache-hit: true
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DA6HWuSj35fILjHAEW5RDXAbCkkKDxBe5UOvl1yUkcJr%2Fw4tL0l9UVNcnhx46P3%2BOdXzbpJ8xu3VX4OYtb3cg8AR2GgbzBXGdrJ8He8OqRr0W%2FnVyRuf3QhOQ%2FeauKbwIn%2BpczBqrE%2B9xaT3"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf-ray: 6d8a35a5f9d15bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 71ms
26ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/routerlogin.js?1644043800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93f871ce94c730e02c2d43634d4819bed0f282df99c2f59b0795786bb8accf22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27234
x-xss-protection: 0
server: sffe
etag: "1122 / 715 of 1000 / last-modified: 1644015917"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Feb 2022 06:51:19 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
367 B 208ms
207ms Image
image/gif 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=9.258662469238974
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:20 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 8H682P1ZW1DRP1EH
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: 34xzqN8MfLYF5mjho0S+n5ypDWN6lZ15lsD1kKC3OZugF65GupaNcBRbBnyk7N5qO6D2QWm2GgI=
expires: Tue, 31 Jan 2023 06:51:20 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
367 B 214ms
213ms Image
image/gif 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=9.258662469238974
Requested by: Host: routerlogin.mobi
URL: https://routerlogin.mobi/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:20 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 8H692KJ8DQE3MREC
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: fWIn/vb3KdpgZQd5fDOLC6LKpVyOM12Y+eup4Nw/i72iRsW93JEkSeqS9turbIS9hchw5I1e6iw=
expires: Tue, 31 Jan 2023 06:51:20 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 87 B
420 B 134ms
39ms XHR
application/json 63.32.247.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=8811
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/routerlogin.js?1644043800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.247.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-247-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 66c1aaea8a3cc8117f2152a147954550edd0abc42b52d3560510fbd8108b356e

Request headers

Referer: https://routerlogin.mobi/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Feb 2022 06:51:20 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://routerlogin.mobi
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
702 B 74ms
25ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/routerlogin.js?1644043800000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://routerlogin.mobi/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:20 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 36a372fb-aefb-4865-a2b0-c8b70673877a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://routerlogin.mobi
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 122ms
56ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=85091364811

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/routerlogin.js?1644043800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://routerlogin.mobi/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Feb 2022 06:51:19 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://routerlogin.mobi
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 60ms
17ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/routerlogin.js?1644043800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://routerlogin.mobi/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://routerlogin.mobi
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 358 B
708 B 108ms
52ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Frouterlogin.mobi%2F&CanonicalUrl=https%3A%2F%2Frouterlogin.mobi%2F&PublisherDomain=https%3A%2F%2Frouterlogin.mobi

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/routerlogin.js?1644043800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

6771773e12468df7f018f1386cdd707359ec462795dd111879db786970dd52d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://routerlogin.mobi/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:20 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://routerlogin.mobi
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 27
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 358
expires: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
28 KB 94ms
31ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/routerlogin.js?1644043800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:22 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 04:27:55 GMT
server: nginx
etag: W/"61ee2acb-16429"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 06 Feb 2022 06:51:22 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C32F 2 KB
1 KB 70ms
23ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=routerlogin.mobi&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 394
date: Sat, 05 Feb 2022 06:51:22 GMT
content-length: 972
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
28 KB 102ms
48ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 04:27:55 GMT
server: nginx
etag: W/"61ee2acb-16429"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 06 Feb 2022 06:51:23 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame CF82 2 KB
814 B 19ms
19ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1644043880398

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/routerlogin.js?1644043800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame EE62 52 KB
17 KB 70ms
14ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/routerlogin.js?1644043800000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 03 Feb 2022 02:33:21 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 05 Feb 2022 06:51:23 GMT
Age: 15479
X-Served-By: cache-lga21939-LGA, cache-hhn4059-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 92262
X-Timer: S1644043884.536150,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame FA0D 8 KB
4 KB 194ms
20ms Document
text/html 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/routerlogin.js?1644043800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Wed, 15 Dec 2021 19:31:35 GMT
accept-ranges: bytes
etag: "32347ab14bd5257f1f3d2e210ba82276"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: B0ZK7ykm/69k2imSWk8eUT4OGOj0EknoJTDH2Xpp6qJLhCs9k3vOx/LYiOa5cUQNDTknq/tHHCM=
x-amz-request-id: BVCV044RX6RA2ZWE
x-amz-meta-codebuild-content-sha256: 8644b4f52d5a37b8f0b84f0bbcfa66f9e0f7f97407e4d25c13a055f86b22baed
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0897103a-6355-4b89-92f6-53a82b1da700
x-amz-meta-codebuild-content-md5: 276cf0a41034befc9a603617ae1a1731
x-azure-ref-originshield: 0jtn9YQAAAACTkSLG2M/iSIaTDcNts5W1QU1TMDRFREdFMTgwNwA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0ax7+YQAAAAChCEZ5E3T1RaPbmhNfER6eRlJBRURHRTEwMTAAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Sat, 05 Feb 2022 06:51:23 GMT

GET
H2 204 /
onetag-sys.com/usync/ 0
52 B 19ms
19ms Image
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://routerlogin.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame B4E0 4 KB
2 KB 129ms
40ms Document
text/html 34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b0c0e8587fac5691313c5d165ce2fd2ba8657420325e59f8e836f9bd8445d223

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
content-type: text/html;charset=UTF-8
server: nginx
etag: W/"0ac38bea008ac01ab6f2d2c2bd441e601"
timing-allow-origin: *
content-encoding: gzip

GET
H2 204 ps
pixel.33across.com/ Frame 0FFC 0
0 461ms
157ms Document
text/plain 67.202.105.21

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.21 -, , ASN (),
Reverse DNS
Software: 33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

x-33x-status: 2000208
server: 33XP003
date: Sat, 05 Feb 2022 06:51:23 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 4277 2 KB
814 B 18ms
16ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 2149 689 B
939 B 177ms
27ms Document
text/html 185.86.139.94

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e97d4f6f7d658b956df41459d15a32dc07d214142170cb86480be37f61d5c3c0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
content-type: text/html
content-length: 689

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 81DB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
3 KB

33ms
33ms

Document
text/html

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e4213deff40ac5fe041a66daa8a1fbf220a959befb8e5c955fb936f67439da5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|45|39|41|47|196|26
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Sat, 05 Feb 2022 06:51:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:23 GMT
Content-Length: 1672
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 05 Feb 2022 06:51:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:23 GMT
Connection: keep-alive

GET
H2

200

sync
ads.servenobid.com/ Frame FA0D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
https://ads.servenobid.com/sync?pid=312&uid=7839808446743297181

0
344 B

37ms
36ms

Image
image/avif

63.32.247.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=7839808446743297181
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.32.247.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-247-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:23 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d182d0a1-799a-4436-9f76-25bc8451b2ab
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&uid=7839808446743297181
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame FA0D
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=1fdc2bb82162b58958d073a7

0
347 B

37ms
37ms

Image
image/avif

63.32.247.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=1fdc2bb82162b58958d073a7
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.32.247.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-247-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=1fdc2bb82162b58958d073a7
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame FA0D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1644043883752
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4382088601
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4382088601
https://sync.1rx.io/usersync/tradedesk/f1bd9932-c512-4dab-bb06-8a930dd022b4
https://sync.targeting.unrulymedia.com/csync/RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-298ffd67-6...
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003

43 B
163 B

27ms
27ms

Image
image/gif

185.86.139.113

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Server: 185.86.139.113 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003
date: Sat, 05 Feb 2022 06:51:24 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX298ffd6761d441399f2ca5b88de30941003
content-type: text/html

GET
H2 200 101954
jadserve.postrelease.com/suid/ Frame FA0D 43 B
428 B 420ms
100ms Image
image/gif 34.226.144.114

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.144.114 -, , ASN (),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame FA0D
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5131077720559208457

0
344 B

36ms
36ms

Image
image/avif

63.32.247.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5131077720559208457
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.32.247.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-247-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5131077720559208457
Date: Sat, 05 Feb 2022 06:51:24 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame FA0D 0
478 B 105ms
22ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:23 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame FA0D
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=6dadd055-282e-4507-b9e0-6cb003ebf678&gdpr=0&gdpr_consent=&us_privacy=1YN-

0
356 B

36ms
36ms

Image
image/avif

63.32.247.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=6dadd055-282e-4507-b9e0-6cb003ebf678&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.32.247.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-247-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=6dadd055-282e-4507-b9e0-6cb003ebf678&gdpr=0&gdpr_consent=&us_privacy=1YN-
date: Sat, 05 Feb 2022 06:51:23 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame FA0D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
https://ads.servenobid.com/sync?pid=337&uid=y-Be4BcZpE2uGWynoupU1YkhTXg90OzAHZFZmvjm8-~A

0
367 B

277ms
276ms

Image
image/avif

63.32.247.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-Be4BcZpE2uGWynoupU1YkhTXg90OzAHZFZmvjm8-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.32.247.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-247-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-Be4BcZpE2uGWynoupU1YkhTXg90OzAHZFZmvjm8-~A
date: Sat, 05 Feb 2022 06:51:23 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 81DB 170 B
502 B 194ms
26ms Image
image/png 142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yf4ea4dVs-LNAMBWEx1GtgAABKUAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 81DB
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yf4ea4dVs-LNAMBWEx1GtgAABKUAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yf4ea4dVs-LNAMBWEx1GtgAABKUAAAAB&dcc=t

43 B
645 B

103ms
103ms

Image
image/gif

52.46.154.242

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yf4ea4dVs-LNAMBWEx1GtgAABKUAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Server

52.46.154.242 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: AWB3EP2FGDN3EKV7C12P
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5C4QG65MYK9760ZJXDEW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yf4ea4dVs-LNAMBWEx1GtgAABKUAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 81DB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yf4ea4dVs.LNAMBWEx1GtgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyhaGDeeV9NWF_GXGZb_g0&google_cver=1&gdpr=1&google_hm=2

43 B
999 B

24ms
22ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyhaGDeeV9NWF_GXGZb_g0&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 05 Feb 2022 06:51:24 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyhaGDeeV9NWF_GXGZb_g0&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 81DB 70 B
265 B 219ms
47ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 81DB 43 B
408 B 185ms
24ms Image
image/gif 72.251.241.206

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.206 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:24 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-4
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 81DB
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=OF5yLnU91NgeUQ5&gdpr=1

43 B
987 B

42ms
21ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=OF5yLnU91NgeUQ5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 05 Feb 2022 06:51:24 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:23 GMT
Server: PingMatch/v2.0.30-702-g2925257#rel-ec2-master i-0a9739bdde9ce53f1@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=OF5yLnU91NgeUQ5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 81DB
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

28ms
28ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 05 Feb 2022 06:51:24 GMT

Redirect headers

date: Sat, 05 Feb 2022 06:51:23 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2 200 /
sync.taboola.com/sg/indexscod/1/cm/ Frame 81DB 0
99 B 199ms
23ms Image
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=Yf4ea4dVs.LNAMBWEx1GtgAA%261189
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 22430

GET
H2 200 sync
ads.servenobid.com/ Frame 81DB 0
356 B 40ms
36ms Image
image/avif 63.32.247.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=Yf4ea4dVs-LNAMBWEx1GtgAABKUAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.247.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-247-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame B4E0
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=7839808446743297181

35 B
208 B

55ms
46ms

Image
image/gif

34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=7839808446743297181
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:23 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:23 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e4c9bf74-a437-4642-8e81-478b3cbfafd4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=7839808446743297181
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame B4E0
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_7c861c59-6983-4331-abfc-ce3a0d04a03b&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_7c861c59-6983-4331-abfc-ce3a0d04a03b&gdpr=0&gdpr_consent=&us_privacy=1---
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9cc76812-bacc-4bf8-8a25-3fd1605e020a
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9cc76812-bacc-4bf8-8a25-3fd1605e020a
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=5f6ad1f3-3062-4774-80c4-46b55ca59b5c&user_group=1&ssp=gumgum2&bsw_param=9cc76812-bacc-4bf8-8a25-3fd1605e020a
https://rtb.gumgum.com/usersync?b=bsw&i=9cc76812-bacc-4bf8-8a25-3fd1605e020a

35 B
208 B

45ms
45ms

Image
image/gif

34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=9cc76812-bacc-4bf8-8a25-3fd1605e020a
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: //rtb.gumgum.com/usersync?b=bsw&i=9cc76812-bacc-4bf8-8a25-3fd1605e020a
Date: Sat, 05 Feb 2022 06:51:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B4E0
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28WhmKM2gSQ1qY0GzlbbCW_0kwfs5JpwAmnpcDN7An-0MzyJO2zxjAfwMt3lgwS-Te%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_7c861c59-6983-4331-abfc-ce3a0d04a03b&obuid=ENC(WhmKM2gSQ1qY0GzlbbCW_0kwfs5JpwAmnpcDN7An-0MzyJO2zxjAfwMt3lgwS-Te)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=WhmKM2gSQ1qY0GzlbbCW_0kwfs5JpwAmnpcDN7An-0MzyJO2zxjAfwMt3lgwS-Te
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7839808446743297181&obUid=WhmKM2gSQ1qY0GzlbbCW_0kwfs5JpwAmnpcDN7An-0MzyJO2zxjAfwMt3lgwS-Te

0
145 B

95ms
95ms

Image
text/plain

64.202.112.191

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7839808446743297181&obUid=WhmKM2gSQ1qY0GzlbbCW_0kwfs5JpwAmnpcDN7An-0MzyJO2zxjAfwMt3lgwS-Te
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 64.202.112.191 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 06:51:24 GMT
Cache-Control: no-cache
X-TraceId: 55f0ee40a573c0b3e4cee90502b97c36
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:24 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9f790212-ab78-4540-a886-49d8809fd195
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7839808446743297181&obUid=WhmKM2gSQ1qY0GzlbbCW_0kwfs5JpwAmnpcDN7An-0MzyJO2zxjAfwMt3lgwS-Te
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame B4E0
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=eb578b3b-390d-44e5-9153-8574634e8062

35 B
208 B

45ms
45ms

Image
image/gif

34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=eb578b3b-390d-44e5-9153-8574634e8062
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sat, 05 Feb 2022 06:51:24 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=eb578b3b-390d-44e5-9153-8574634e8062
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame B4E0
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=sta&i=0-7944fa05-d009-4006-6b9b-4715b011ae8b$ip$217.114.215.133

35 B
208 B

46ms
46ms

Image
image/gif

34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-7944fa05-d009-4006-6b9b-4715b011ae8b$ip$217.114.215.133
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-7944fa05-d009-4006-6b9b-4715b011ae8b$ip$217.114.215.133
Date: Sat, 05 Feb 2022 06:51:24 GMT
Connection: keep-alive
Content-Length: 124
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame B4E0
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-dpyCtvVE2pf1xqAP_rDcFPGde0On41HKwiQH~A

35 B
208 B

45ms
45ms

Image
image/gif

34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-dpyCtvVE2pf1xqAP_rDcFPGde0On41HKwiQH~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sat, 05 Feb 2022 06:51:24 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-dpyCtvVE2pf1xqAP_rDcFPGde0On41HKwiQH~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

usersync
rtb.gumgum.com/ Frame B4E0
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
https://rtb.gumgum.com/usersync?b=vnt&i=08a0bbee-8650-11ec-8157-6f1d48b2cc96

35 B
208 B

46ms
46ms

Image
image/gif

34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=08a0bbee-8650-11ec-8157-6f1d48b2cc96
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=08a0bbee-8650-11ec-8157-6f1d48b2cc96
Date: Sat, 05 Feb 2022 06:51:23 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 08a0bbef-8650-11ec-8157-6f1d48b2cc96

GET
H2 204 services
sync.technoratimedia.com/ Frame B4E0 0
292 B 356ms
110ms Image
text/plain 193.122.128.135

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.128.135 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 30484697
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame B4E0 0
44 B 324ms
104ms Image
text/plain 38.91.45.7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 -, , ASN (),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
content-length: 0
server: c

GET
H2

200

usersync
rtb.gumgum.com/ Frame B4E0
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_7c861c59-6983-4331-abfc-ce3a0d04a03b&gdpr=0&gdpr_consent=&us_privacy=1---
https://stags.bluekai.com/site/23178?id=b2XpJN9FquL5B__8_16E&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YRSLBYEUTRZIZYXKTBVIJPV6OC7GE3EKJTVONPXA...
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=b2XpJN9FquL5B__8_16E&us_privacy=1---

35 B
208 B

47ms
46ms

Image
image/gif

34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=b2XpJN9FquL5B__8_16E&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:24 GMT
P3p: CP="We do not support P3P header."
Location: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=b2XpJN9FquL5B__8_16E&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 118
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame B4E0
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=362655c4-54c7-4f40-a7da-1ede175daab4

35 B
208 B

49ms
48ms

Image
image/gif

34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=362655c4-54c7-4f40-a7da-1ede175daab4
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=362655c4-54c7-4f40-a7da-1ede175daab4
date: Sat, 05 Feb 2022 06:51:24 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame B4E0
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5983921673
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5983921673
https://sync.1rx.io/usersync/tradedesk/6401a572-60cb-4ed9-81a5-3d19db554e4e
https://sync.targeting.unrulymedia.com/csync/RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-298ffd67-6...
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003

43 B
163 B

52ms
26ms

Image
image/gif

185.86.139.113

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 185.86.139.113 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003
date: Sat, 05 Feb 2022 06:51:24 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX298ffd6761d441399f2ca5b88de30941003
content-type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame B4E0
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=3Hy0pqPUsEi1&ev=1&pid=558355

35 B
208 B

46ms
46ms

Image
image/gif

34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=3Hy0pqPUsEi1&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://rtb.gumgum.com/usersync?b=pln&i=3Hy0pqPUsEi1&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-56659f45bd-4cfph
expires: -1

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame B4E0 0
75 B 30ms
30ms Image
text/plain 185.86.139.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame B4E0 0
357 B 38ms
36ms Image
image/avif 63.32.247.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_7c861c59-6983-4331-abfc-ce3a0d04a03b
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.247.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-247-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 1C0D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=8af961fe-1e6c-4000-ba53-c1ca56177ac9&gdpr=0&gdpr_consent=

35 B
208 B

47ms
47ms

Document
image/gif

34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=8af961fe-1e6c-4000-ba53-c1ca56177ac9&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sat, 05 Feb 2022 06:51:24 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master cdg-pixel-x15 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=8af961fe-1e6c-4000-ba53-c1ca56177ac9&gdpr=0&gdpr_consent=
Expires: Sat, 05 Feb 2022 06:51:23 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame DEB0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Yf4ebAAD0trcQAAy
https://rtb.gumgum.com/usersync?b=atm&i=Yf4ebAAD0trcQAAy&gdpr=0&gdpr_consent=&_test=Yf4ebAAD0trcQAAy

35 B
208 B

47ms
47ms

Document
image/gif

34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=Yf4ebAAD0trcQAAy&gdpr=0&gdpr_consent=&_test=Yf4ebAAD0trcQAAy
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=Yf4ebAAD0trcQAAy&gdpr=0&gdpr_consent=&_test=Yf4ebAAD0trcQAAy
accept-ranges: bytes
date: Sat, 05 Feb 2022 06:51:24 GMT
via: 1.1 varnish
x-served-by: cache-hhn4049-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1644043884.119392,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3

200

pixel Show response
cm.g.doubleclick.net/ Frame 72D2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83Yzg2MWM1OS02OTgzLTQzMzEtYWJmYy1jZTNhMGQwNGEwM2I=&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83Yzg2MWM1OS02OTgzLTQzMzEtYWJmYy1jZTNhMGQwNGEwM2I=&gdpr=0&gdpr_consent=&google_tc=

170 B
188 B

62ms
36ms

Document
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83Yzg2MWM1OS02OTgzLTQzMzEtYWJmYy1jZTNhMGQwNGEwM2I=&gdpr=0&gdpr_consent=&google_tc=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

content-type: image/png
date: Sat, 05 Feb 2022 06:51:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83Yzg2MWM1OS02OTgzLTQzMzEtYWJmYy1jZTNhMGQwNGEwM2I=&gdpr=0&gdpr_consent=&google_tc=
date: Sat, 05 Feb 2022 06:51:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 364
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9957 15 KB
6 KB 169ms
17ms Document
text/html 2.18.233.180

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=137617
expires: Sun, 06 Feb 2022 21:05:00 GMT
date: Sat, 05 Feb 2022 06:51:23 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame B96F 0
0 379ms
126ms Document
text/plain 67.202.105.21

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.21 -, , ASN (),
Reverse DNS
Software: 33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

x-33x-status: 2000208
server: 33XP004
date: Sat, 05 Feb 2022 06:51:23 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 0C55
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=6401a572-60cb-4ed9-81a5-3d19db554e4e&t=1646635884

35 B
208 B

45ms
45ms

Document
image/gif

34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=6401a572-60cb-4ed9-81a5-3d19db554e4e&t=1646635884
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sat, 05 Feb 2022 06:51:24 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=6401a572-60cb-4ed9-81a5-3d19db554e4e&t=1646635884
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame EB77
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

65ms
17ms

Document
text/html

104.89.20.125

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Feb 2022 06:51:24 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=gumgum
date: Sat, 05 Feb 2022 06:51:23 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2 204 um
cs.emxdgt.com/ Frame 9224 0
0 195ms
28ms Document
text/html 18.195.155.181

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

content-type: text/html
date: Sat, 05 Feb 2022 06:51:23 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame C8EB
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=Yf4ebMCo5swAAOVX-KYAAAAA

35 B
208 B

46ms
46ms

Document
image/gif

34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=Yf4ebMCo5swAAOVX-KYAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Sat, 05 Feb 2022 06:51:24 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=Yf4ebMCo5swAAOVX-KYAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 4
X-SO-HostName: a-ad40123.dc2p.scaleout.jp
X-SO-LB-Hostname: a-tgng40008.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":35,"gdpr":true,"ipv4":"0.0.0.0","key":"Yf4ebMCo5swAAOVX-KYAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40123"}
X-SO-Key: Yf4ebMCo5swAAOVX-KYAAAAA
X-SO-IP: 217.114.215.133
X-SO-Cluster-ID: 35
X-SO-Upstream-ID: a-ad40123

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame FC57
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=POnU58bCHGWrBhgDO15S&pi=gumgum&tc=1

35 B
208 B

45ms
44ms

Document
image/gif

34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=POnU58bCHGWrBhgDO15S&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sat, 05 Feb 2022 06:51:24 GMT Sat, 05 Feb 2022 06:51:24 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=POnU58bCHGWrBhgDO15S&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 2149 0
344 B 39ms
36ms Image
image/avif 63.32.247.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=8946380340563696636&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.247.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-247-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 2149
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4020974057525123100&gdpr=0&gdpr_consent=

43 B
408 B

86ms
30ms

Image
image/gif

185.86.139.113

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4020974057525123100&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.113 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: nginx
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4020974057525123100&gdpr=0&gdpr_consent=
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 2149
Redirect Chain

https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0745220403b7c551dec721bb&gdpr=0&gdprConsent=

43 B
413 B

86ms
31ms

Image
image/gif

185.86.139.113

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0745220403b7c551dec721bb&gdpr=0&gdprConsent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.113 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:23 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0745220403b7c551dec721bb&gdpr=0&gdprConsent=
date: Sat, 05 Feb 2022 06:51:24 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 0
vary: Origin
keep-alive: timeout=5

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame 2149
Redirect Chain

https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACSQk7D_D0AAG8tqNtwwA&gdpr=0

43 B
440 B

30ms
29ms

Image
image/gif

185.86.139.113

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACSQk7D_D0AAG8tqNtwwA&gdpr=0
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.113 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:23 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACSQk7D_D0AAG8tqNtwwA&gdpr=0
Date: Sat, 05 Feb 2022 06:51:24 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 2149
Redirect Chain

https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1971346236
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1971346236
https://sync.1rx.io/usersync/tradedesk/c51dc446-48f0-4019-ade2-d9c2a9f2bb88
https://sync.targeting.unrulymedia.com/csync/RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-298ffd67-6...
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003

43 B
163 B

26ms
25ms

Image
image/gif

185.86.139.113

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.113 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003
date: Sat, 05 Feb 2022 06:51:24 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX298ffd6761d441399f2ca5b88de30941003
content-type: text/html

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9957 2 KB
3 KB 81ms
21ms Script
text/html 198.47.127.19

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57566028&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87c57feaf9c1f8d0049cf7215317ea7450073bc6fb263deaddaa58362fc8654a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame EB77 32 KB
10 KB 18ms
18ms Script
text/html 104.89.20.125

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 972be15bdf6d6e3ca4187bf8ae7b04595f0889176ffd8e5f13618c8ef385b74d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 06:51:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17194
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9703
Expires: Sat, 05 Feb 2022 11:37:58 GMT

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame A1AE 35 B
468 B 30ms
29ms Document
image/gif 37.157.6.251

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=7F9165C1-14A9-42A6-A226-E38DE74648F1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 05 Feb 2022 06:51:24 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame CC77
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6574281382123060460

42 B
210 B

24ms
24ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6574281382123060460
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 05 Feb 2022 06:51:23 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug004:0:424
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6574281382123060460
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AD92
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8af961fe-1e6c-4000-ba53-c1ca56177ac9&gdpr=0&gdpr_consent=

42 B
495 B

331ms
22ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8af961fe-1e6c-4000-ba53-c1ca56177ac9&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 05 Feb 2022 02:27:07 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug0022:0:522
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Sat, 05 Feb 2022 06:51:24 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master cdg-pixel-x24 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8af961fe-1e6c-4000-ba53-c1ca56177ac9&gdpr=0&gdpr_consent=
Expires: Sat, 05 Feb 2022 06:51:23 GMT

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame D27C 43 B
362 B 97ms
33ms Document
image/gif 178.250.2.151

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Sat, 05 Feb 2022 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 602454
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B182
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7061114714971043980

42 B
210 B

37ms
23ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7061114714971043980
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 05 Feb 2022 06:51:23 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug002:0:562
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Sat, 05 Feb 2022 06:51:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7061114714971043980

GET
H2 200 usersync Show response
rtb.gumgum.com/ Frame 4863 35 B
208 B 49ms
48ms Document
image/gif 34.248.122.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=pbm&i=7F9165C1-14A9-42A6-A226-E38DE74648F1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9957
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f5FlwRSpQqaiJuON50ZI8Q%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

18ms
18ms

Image
text/html

2.18.233.180

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 2.18.233.180 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=137616
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Sun, 06 Feb 2022 21:05:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 9957
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8af961fe-1e6c-4000-ba53-c1ca56177ac9

0
260 B

301ms
27ms

Image
text/plain

185.64.190.81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8af961fe-1e6c-4000-ba53-c1ca56177ac9
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 185.64.190.81 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:49:53 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 05 Feb 2022 06:51:24 GMT
Server: MT3 4133 baa842e master cdg-pixel-x24 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8af961fe-1e6c-4000-ba53-c1ca56177ac9
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 05 Feb 2022 06:51:23 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9957
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=7F9165C1-14A9-42A6-A226-E38DE74648F1
https://spl.zeotap.com/?zdid=1332&zcluid=b867544b685a019e
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=86ff8722-d9b3-4250-5695-70f33fa0409e&reqId=acb56529-36ec-49f2-57c9-2cfaa54ffc5a&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEB_fbsJQmKc0tNmAllqIy1Y&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=86ff8722-d9b3-4250-5695-70f33fa0409e&reqId=acb56529-36ec-49f2-57c9-2cf...

95 B
164 B

29ms
28ms

Image
image/png

2606:4700:10::ac43:db6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEB_fbsJQmKc0tNmAllqIy1Y&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=86ff8722-d9b3-4250-5695-70f33fa0409e&reqId=acb56529-36ec-49f2-57c9-2cfaa54ffc5a&zcluid=b867544b685a019e&zdid=1332
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6d8a35c7383f68eb-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEB_fbsJQmKc0tNmAllqIy1Y&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=86ff8722-d9b3-4250-5695-70f33fa0409e&reqId=acb56529-36ec-49f2-57c9-2cfaa54ffc5a&zcluid=b867544b685a019e&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9957
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0Y5MTY1QzEtMTRBOS00MkE2LUEyMjYtRTM4REU3NDY0OEYx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
187 B

328ms
24ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
cache-control: no-store, no-cache, private
x-lat: amspug005:0:524
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9957
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMKrtfogwZgzjCjpTHIP_SU&google_cver=1

42 B
594 B

327ms
24ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMKrtfogwZgzjCjpTHIP_SU&google_cver=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 02:27:07 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0022:0:398
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMKrtfogwZgzjCjpTHIP_SU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 9957 43 B
610 B 100ms
28ms Image
image/gif 169.50.137.184

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 04 Feb 2022 06:51:24 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9957
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2400424574025026460

42 B
543 B

319ms
21ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2400424574025026460
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:22:06 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0023:0:361
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2400424574025026460
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9957
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c51dc446-48f0-4019-ade2-d9c2a9f2bb88

42 B
449 B

297ms
22ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c51dc446-48f0-4019-ade2-d9c2a9f2bb88
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
cache-control: no-store, no-cache, private
x-lat: amspug003:0:444
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 06:51:24 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c51dc446-48f0-4019-ade2-d9c2a9f2bb88
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9957
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7839808446743297181&gdpr=0&gdpr_consent=

42 B
313 B

330ms
25ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7839808446743297181&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 06:51:23 GMT
cache-control: no-store, no-cache, private
x-lat: amspug006:0:587
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 06:51:24 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 75f8d605-7c70-492f-b367-e3c714b648f4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7839808446743297181&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame EB77 284 B
536 B 75ms
17ms Image
image/jpg 69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/jpg

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame EB77 0
239 B 183ms
18ms Image
image/gif 69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

225 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.routerlogin.mobi/	1970-01-20 00:40:45	Name: ezoadgid_212534 Value: -2
.routerlogin.mobi/	1970-01-20 00:40:51	Name: ezoref_212534 Value:
.routerlogin.mobi/	1970-01-20 00:40:51	Name: ezoab_212534 Value: mod1
.routerlogin.mobi/	1970-01-20 00:43:36	Name: active_template::212534 Value: pub_site.1644043878
.routerlogin.mobi/	1970-01-20 00:40:45	Name: ezopvc_212534 Value: 1
.routerlogin.mobi/	1970-01-20 00:42:10	Name: ezepvv Value: 0
.routerlogin.mobi/	1970-01-20 00:40:45	Name: ezovid_212534 Value: 699724058
.routerlogin.mobi/	1970-01-20 00:40:45	Name: lp_212534 Value: https://routerlogin.mobi/
.routerlogin.mobi/	1970-01-20 00:43:36	Name: ezovuuidtime_212534 Value: 1644043878
.routerlogin.mobi/	1970-01-20 00:40:45	Name: ezovuuid_212534 Value: 61de70f6-1cd6-46d8-412f-fbd771ecaf5a
.routerlogin.mobi/	1970-01-20 09:26:19	Name: ezCMPCCS Value: false
.routerlogin.mobi/	1970-01-20 09:26:19	Name: ezosuibasgeneris-1 Value: a7c4ffc4-0084-46cc-680b-e965010a6ce4
routerlogin.mobi/	1970-01-22 13:59:55	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
routerlogin.mobi/	1970-01-22 13:59:55	Name: ezohw Value: w%3D1600%2Ch%3D1200
routerlogin.mobi/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
routerlogin.mobi/	1969-12-31 23:59:59	Name: ezouspva Value: 0
.adnxs.com/	1970-01-20 02:50:19	Name: uuid2 Value: 7839808446743297181
.yahoo.com/	1970-01-20 09:26:41	Name: A3 Value: d=AQABBGse_mECEIaBzXQiySWzth3d553AHdUFEgEBAQFv_2EIYgAAAAAA_eMAAA&S=AQAAAiT2QyLBwvLwgWt7wHQv1_U
.lijit.com/	1970-01-20 09:26:19	Name: ljt_reader Value: 1fdc2bb82162b58958d073a7
.servenobid.com/	1970-01-20 00:50:48	Name: pid_312 Value: 7839808446743297181
.casalemedia.com/	1970-01-20 09:26:19	Name: CMID Value: Yf4ea4dVs.LNAMBWEx1GtgAA
.casalemedia.com/	1970-01-20 02:50:19	Name: CMPS Value: 3194
.analytics.yahoo.com/	1970-01-20 09:27:46	Name: IDSYNC Value: 196n~2326
.lijit.com/	1970-01-20 09:26:19	Name: _ljtrtb_273657 Value: 273657
.casalemedia.com/	1970-01-20 02:50:19	Name: CMPRO Value: 1189
.casalemedia.com/	1970-01-20 00:42:10	Name: CMST Value: Yf4ea2H+HmsA
.casalemedia.com/	1970-01-20 09:26:19	Name: CMRUM3 Value: 2961fe1e6b05a0&c461fe1e6b05a0&f161fe1e6b05a0&2761fe1e6b0b40&e661fe1e6b2760&1a61fe1e6b05a0&2d61fe1e6b05a0&2f61fe1e6b05a0
.gumgum.com/	1970-01-20 09:26:19	Name: vst Value: e_7c861c59-6983-4331-abfc-ce3a0d04a03b
.servenobid.com/	1970-01-20 00:50:48	Name: pid_310 Value: 1fdc2bb82162b58958d073a7
.1rx.io/	1970-01-20 09:26:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-298ffd67-61d4-4139-9f2c-a5b88de30941-003%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3Afalse%7D
.smartadserver.com/	1970-01-20 10:10:58	Name: pid Value: 8946380340563696636
.servenobid.com/	1970-01-20 00:50:48	Name: pid_333 Value: Yf4ea4dVs-LNAMBWEx1GtgAABKUAAAAB
.servenobid.com/	1970-01-20 00:50:48	Name: pid_309 Value: e_7c861c59-6983-4331-abfc-ce3a0d04a03b

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://routerlogin.mobi/ Message: The resource https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,sharethrough,yieldmo&cb=195-0-33 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.360yield.com
ads.pubmatic.com
ads.servenobid.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cdn4.buysellads.net
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
creativecdn.com
cs.emxdgt.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.ezodn.com
g2.gumgum.com
go.ezodn.com
go.ezoic.net
gu.dyntrk.com
gum.criteo.com
gvl.ezodn.com
hb-api.omnitagjs.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jadserve.postrelease.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pixel.33across.com
pixel.onaudience.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
public.servenobid.com
routerlogin.mobi
rtb-csync.smartadserver.com
rtb.gumgum.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.googletagservices.com
x.bidswitch.net
104.89.20.125
104.89.42.102
135.125.160.77
141.226.228.48
142.250.181.226
142.250.185.130
147.75.61.140
151.101.193.108
151.101.66.49
169.50.137.184
178.162.133.149
178.250.0.165
178.250.2.151
18.195.155.181
185.183.112.148
185.184.8.65
185.255.84.151
185.29.134.244
185.33.221.89
185.64.189.110
185.64.190.81
185.86.139.113
185.86.139.94
193.0.160.128
193.122.128.135
198.148.27.139
198.47.127.19
2.18.233.180
2.21.141.232
202.241.208.57
213.155.156.169
213.19.147.44
213.19.147.45
216.52.2.39
23.37.42.132
2600:9000:2250:e000:2:cb38:840:93a1
2606:4700:10::ac43:db6
2606:4700:3031::6815:496e
2606:4700:3037::ac43:cd0f
2620:1ec:46::45
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2002
2a00:1450:4001:830::200a
2a02:2638:1::13
2a02:2638::3
2a05:d018:d29:3602:1794:1826:a9e8:a8ca
2a06:98c1:3120::7
3.121.12.72
3.126.56.137
34.226.144.114
34.237.23.137
34.248.122.81
35.156.135.60
35.210.53.219
35.244.159.8
35.71.131.137
37.157.6.251
37.252.173.27
38.91.45.7
51.222.80.231
51.89.9.254
52.203.60.58
52.31.13.93
52.46.154.242
54.76.84.232
63.32.247.12
64.202.112.191
64.74.236.63
67.202.105.21
69.173.144.138
69.173.144.139
72.251.241.206
85.114.159.93
94.31.29.32
049df80f0becc4a69cebc35531cec8f25bcb36fde3d2d05af82f7f3ae6bef5ab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e1536ec01be2959f60ab02b0194f62521734031080914187efc25e482fefdc9
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10a7e524db359a94a66ea75b97e81a52932f0e10a04deabb49fb73ec5d038946
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
280fa1716bd460ab1b8d9ae4aae5f04d7a34432622714d09e82b0225f7978eab
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ed42228a7839dff5fdd6848684498358c3fda443d6c3313c5e2f7968796f45c
346e1b927246849bc11cc69c9df8cab8ebdd6c8db92b5f57730cb58f07ce57d1
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c
3a83a3b3cd267f15e25444e8f1df1e6d325e65990d3db5f209dc71c96350c946
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4132ba42b3e47aa757cdf63b1b9bcead2ab6c9133e21ecc2a62fa04b2374a81b
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c7487ce8c14812a63576a5c50327c7bc94608c7a901a29fad7f2e2697b8d93d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
5b5996e61a10b88aad0af79925937cbf2f1b8caa6b4a471fba4d6f0a290b6d80
5d407b4aacf72b6c31852d64dd3df6814574b4c659e5501701c68f4cf88cf1f5
5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66c1aaea8a3cc8117f2152a147954550edd0abc42b52d3560510fbd8108b356e
674c7218dcf4a06572cea948f88ae04399fa35b91a5d2b7b57999427e8cab7c5
6771773e12468df7f018f1386cdd707359ec462795dd111879db786970dd52d5
6866db878c8c80f02f27270d1aa4e85f988fb535d9cd9d4541b5b76c6e805be4
6a23433b413a1cdfb998ee5461557fa061ab84972314aa4636ad3920201978c4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c55a4429122b3e84a62473afe3d95c12b9cc976f3911bb9e0ee36e44b75125e
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
7360356b5ade646c718574599e78e4216c1e0979278ea730bd0b5ab9d3032f9b
8047ef3363ea19e0cf1be2bbadfeaf4875382deeb6e1b8ac399fe88c435ef92d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87c57feaf9c1f8d0049cf7215317ea7450073bc6fb263deaddaa58362fc8654a
89d399788a1975154c815e157b1a20be418d3ce47320921dde3126f5c95b8f0d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c0c6175278a9af9636b961d65cdd18841671e678071edce1c9784b318759233
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
93f871ce94c730e02c2d43634d4819bed0f282df99c2f59b0795786bb8accf22
96ffefb8001a78607c1aa3674841f47cdea84032ce51cdf0af0323e5ee450b35
972be15bdf6d6e3ca4187bf8ae7b04595f0889176ffd8e5f13618c8ef385b74d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1db1ea93e232449098528c5365e9256091b6204140acff3e9690fedc07c09a4
a5bdcdde411d51b2c8592667fbfa1ebb428a7c28624b1cbe780fc3c1b47305ae
a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b079914b081d961cd0112fdfff5064ce085a9064dcfc45d7c8a0e2cd853fc477
b0c0e8587fac5691313c5d165ce2fd2ba8657420325e59f8e836f9bd8445d223
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b167dddc88154510036c6ea8e0e5d4ab86ff9ad54257fe589b4da63260a22438
b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b705e5c0bc265bde920042296b02bb099b6cd42761a3c184bfae338c02252234
baa40a59a2c497a69a81f2cf5851021aa12d71702570d344e54345399d06b71b
bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27
bc57e47e638c9588240238e4fdd2f94ed6e7e97bda7a04a226afdb82b5274e32
bca70519e5992c095417b2684a34d34bc8ee3eb4aa49fd1361a8fe64efddbc5b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d11f7468655f6d31e77167b28435f78e910c0f123f0be63753a43b7b98c08332
d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0d208d7068dbc077fa426bcdb41d8933fec3cd544d556e67ebde19908004c34
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4213deff40ac5fe041a66daa8a1fbf220a959befb8e5c955fb936f67439da5e
e97d4f6f7d658b956df41459d15a32dc07d214142170cb86480be37f61d5c3c0
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19b5f26aa49fcbd1901fbb9b5cc5da79d1d26a4c4ef31f387ca69769cc2016
f17f709d860874aca8922d177216f8b50d0437346550892b3138eaa9bb2961ff
fc3d889abf85e587e7e6faeb30c96c2df6d31b583ccf3d73cb2787ebfa372106
fc9c4a9769ce8ca48cd9e9c5c3c4fcd83d2fb4b1ba782f7a7616061b2d03c7e9
ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb

routerlogin.mobi Open in urlscan Pro 2606:4700:3037::ac43:cd0f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

128 Requests

74 %HTTPS

16 %IPv6

59 Domains

80 Subdomains

46 IPs

6 Countries

1296 kBTransfer

3539 kBSize

33 Cookies

1 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

routerlogin.mobi Open in urlscan Pro
2606:4700:3037::ac43:cd0f Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

74 %
HTTPS

16 %
IPv6

59
Domains

80
Subdomains

46
IPs

6
Countries

1296 kB
Transfer

3539 kB
Size

33
Cookies

128 HTTP transactions
6 data transactions