www.wheeloffortunecheats.com Open in urlscan Pro
18.224.87.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.wheeloffortunecheats.com/
Effective URL:
https://www.wheeloffortunecheats.com/
Submission: On September 13 via manual (September 13th 2022, 9:13:43 am UTC) from JP — Scanned from JP

Summary HTTP 157 Redirects Behaviour Indicators

Summary

This website contacted 58 IPs in 12 countries across 61 domains to perform 157 HTTP transactions. The main IP is 18.224.87.21, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is www.wheeloffortunecheats.com.
TLS certificate: Issued by R3 on August 15th 2022. Valid for: 3 months.

This is the only time www.wheeloffortunecheats.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	18.224.87.21 18.224.87.21	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:10:... 2606:4700:10::6816:194a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:821::2008	15169 (GOOGLE) (GOOGLE)
3	18.65.175.23 18.65.175.23	16509 (AMAZON-02) (AMAZON-02)
4	142.251.42.194 142.251.42.194	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.196.102 142.250.196.102	15169 (GOOGLE) (GOOGLE)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:822::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c07::9d	15169 (GOOGLE) (GOOGLE)
1	23.39.13.202 23.39.13.202	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	2600:9000:221... 2600:9000:2219:b400:13:ed78:1200:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
9 12	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
9 10	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
7	2602:803:c006... 2602:803:c006:158::65	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
6	52.77.152.198 52.77.152.198	16509 (AMAZON-02) (AMAZON-02)
2 3	103.43.90.21 103.43.90.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	139.99.49.250 139.99.49.250	16276 (OVH) (OVH)
2 15	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
2 2	103.229.206.241 103.229.206.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	107.178.244.193 107.178.244.193	15169 (GOOGLE) (GOOGLE)
2 2	18.136.50.156 18.136.50.156	16509 (AMAZON-02) (AMAZON-02)
2 2	18.180.125.109 18.180.125.109	16509 (AMAZON-02) (AMAZON-02)
7 10	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	2a02:fa8:c411... 2a02:fa8:c411:12::1050	399104 (CNVR-APAC) (CNVR-APAC)
1	2404:6800:400... 2404:6800:4004:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:826::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80a::2001	15169 (GOOGLE) (GOOGLE)
1	13.112.124.88 13.112.124.88	16509 (AMAZON-02) (AMAZON-02)
4 11	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	54.255.75.208 54.255.75.208	16509 (AMAZON-02) (AMAZON-02)
2	23.44.52.240 23.44.52.240	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.220.183.187 52.220.183.187	16509 (AMAZON-02) (AMAZON-02)
1 7	104.88.208.33 104.88.208.33	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.178.22.21 18.178.22.21	16509 (AMAZON-02) (AMAZON-02)
1 1	199.187.193.179 199.187.193.179	47043 (SMARTADSE...) (SMARTADSERVER)
2 2	52.223.2.229 52.223.2.229	16509 (AMAZON-02) (AMAZON-02)
1 1	103.43.90.117 103.43.90.117	29990 (ASN-APPNEX) (ASN-APPNEX)
1 19	13.112.54.241 13.112.54.241	16509 (AMAZON-02) (AMAZON-02)
3 4	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	35.213.93.179 35.213.93.179	15169 (GOOGLE) (GOOGLE)
2 2	54.83.100.212 54.83.100.212	14618 (AMAZON-AES) (AMAZON-AES)
4 4	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
2 2	23.10.5.240 23.10.5.240	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 4	74.118.186.45 74.118.186.45	26120 (RHYTHMONE) (RHYTHMONE)
1 1	74.214.196.131 74.214.196.131	19189 (PULSEPOINT) (PULSEPOINT)
3 4	38.133.127.95 38.133.127.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	23.106.127.53 23.106.127.53	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 3	2406:da18:929... 2406:da18:929:5a00:9a2c:8e82:ae9c:de5c	16509 (AMAZON-02) (AMAZON-02)
1 1	3.234.131.203 3.234.131.203	14618 (AMAZON-AES) (AMAZON-AES)
1	141.148.45.191 141.148.45.191	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
2 2	18.140.149.174 18.140.149.174	16509 (AMAZON-02) (AMAZON-02)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
4 7	142.251.42.130 142.251.42.130	15169 (GOOGLE) (GOOGLE)
1	52.55.123.47 52.55.123.47	14618 (AMAZON-AES) (AMAZON-AES)
1 1	202.241.208.57 202.241.208.57	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	103.231.99.243 103.231.99.243	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.94.220.185 52.94.220.185	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
4	52.74.163.173 52.74.163.173	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800e... 2620:116:800e:21:c338:3a39:7c0b:1a51	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700::68... 2606:4700::6813:ac6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	2606:4700:10:... 2606:4700:10::6816:184a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2404:6800:400... 2404:6800:4004:810::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:826::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:821::2004	15169 (GOOGLE) (GOOGLE)
1	23.207.172.231 23.207.172.231	() ()
1	23.207.173.53 23.207.173.53	() ()
157	58

7 18.224.87.21 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-224-87-21.us-east-2.compute.amazonaws.com

www.wheeloffortunecheats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:194a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.snigelweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adengine.snigelweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:932 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

snigelweb-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.65.175.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-175-23.nrt57.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.42.194 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.196.102 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:822::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c07::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.39.13.202 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-13-202.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2219:b400:13:ed78:1200:93a1 (United States)

ASN16509 (AMAZON-02, US)

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::b (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 141.95.33.111 (Germany) 9 redirects

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 15.197.193.217 (United States) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2602:803:c006:158::65 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.77.152.198 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.43.90.21 (Singapore, Singapore) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.206.241 (Singapore) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.244.193 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.136.50.156 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-50-156.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.180.125.109 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-125-109.ap-northeast-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 8.39.36.141 (Los Angeles, United States) 7 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:fa8:c411:12::1050 (Amsterdam, Netherlands) 4 redirects

ASN399104 (CNVR-APAC, US)

inmobi-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yieldmo-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81c::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80a::2001 (Australia)

ASN15169 (GOOGLE, US)

a68679edec791171cd3a7410944b51dd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.112.124.88 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-124-88.ap-northeast-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.18.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.255.75.208 (Singapore, Singapore) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-75-208.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.44.52.240 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-52-240.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.183.187 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-183-187.ap-southeast-1.compute.amazonaws.com

sync-amz.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.88.208.33 (Tokyo, Japan) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-88-208-33.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.178.22.21 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-22-21.ap-northeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.179 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

ssbsync-us.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.2.229 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.43.90.117 (Singapore, Singapore) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 13.112.54.241 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.213.12.39 (Tokyo, Japan) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.93.179 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.83.100.212 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-100-212.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.202.112.191 (Lovettsville, United States) 4 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.10.5.240 (Tokyo, Japan) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-10-5-240.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.118.186.45 (Serangoon, Singapore) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.196.131 (Sunnyvale, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 38.133.127.95 (United States) 3 redirects

ASN22075 (AS-OUTBRAIN, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.106.127.53 (Singapore, Singapore) 2 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:da18:929:5a00:9a2c:8e82:ae9c:de5c (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.131.203 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-131-203.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.148.45.191 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.140.149.174 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-149-174.ap-southeast-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States)

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.42.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.123.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-123-47.compute-1.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.57 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.99.243 (Japan)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.74.163.173 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-163-173.ap-southeast-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:c338:3a39:7c0b:1a51 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:ac6c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:184a (United States)

ASN13335 (CLOUDFLARENET, US)

argus-fra1.snigelweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:810::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.207.172.231 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.207.173.53 (None, )

ASN- ()

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	rubiconproject.com 10 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 694 token.rubiconproject.com — Cisco Umbrella Rank: 1115 eus.rubiconproject.com — Cisco Umbrella Rank: 840 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1365 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1325 pixel.rubiconproject.com — Cisco Umbrella Rank: 494 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 24812	47 KB
20	gumgum.com 1 redirects rtb.gumgum.com — Cisco Umbrella Rank: 1623 usersync.gumgum.com — Cisco Umbrella Rank: 3001	6 KB
20	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 362 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 278320 s.amazon-adsystem.com — Cisco Umbrella Rank: 415 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1274	60 KB
13	id5-sync.com 9 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 1490 id5-sync.com — Cisco Umbrella Rank: 636	31 KB
13	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 ad.doubleclick.net — Cisco Umbrella Rank: 214 stats.g.doubleclick.net — Cisco Umbrella Rank: 188 cm.g.doubleclick.net — Cisco Umbrella Rank: 303	159 KB
12	casalemedia.com 4 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 755 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904	9 KB
11	yahoo.com 4 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1492 ups.analytics.yahoo.com — Cisco Umbrella Rank: 419 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 772	6 KB
10	adsrvr.org 9 redirects match.adsrvr.org — Cisco Umbrella Rank: 486	5 KB
9	smartadserver.com 3 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1864 ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 7564 ssbsync.smartadserver.com — Cisco Umbrella Rank: 1267 rtb-csync.smartadserver.com Failed	12 KB
8	sharethrough.com 4 redirects match.sharethrough.com — Cisco Umbrella Rank: 799	2 KB
8	googlesyndication.com a68679edec791171cd3a7410944b51dd.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	42 KB
7	wheeloffortunecheats.com 1 redirects www.wheeloffortunecheats.com	255 KB
5	yieldmo.com sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 9615 ads.yieldmo.com — Cisco Umbrella Rank: 985	3 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 329 secure.adnxs.com — Cisco Umbrella Rank: 725 acdn.adnxs.com	21 KB
5	snigelweb.com cdn.snigelweb.com — Cisco Umbrella Rank: 21663 adengine.snigelweb.com — Cisco Umbrella Rank: 27336 argus-fra1.snigelweb.com — Cisco Umbrella Rank: 20084	211 KB
4	outbrain.com 3 redirects sync.outbrain.com — Cisco Umbrella Rank: 1041	1 KB
4	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 845	2 KB
4	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 420	2 KB
4	dotomi.com 4 redirects inmobi-match.dotomi.com — Cisco Umbrella Rank: 14705 yieldmo-match.dotomi.com — Cisco Umbrella Rank: 8854	1 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 458 mug.criteo.com — Cisco Umbrella Rank: 1814	1 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 807	2 KB
3	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 713 image6.pubmatic.com — Cisco Umbrella Rank: 891	12 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 811	700 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 848	622 B
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 708	427 B
2	bluekai.com 2 redirects stags.bluekai.com — Cisco Umbrella Rank: 826	1 KB
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1116	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 3601	968 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 652	739 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 19	2 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 846	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1087	856 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 757	580 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 743	1 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2417	24 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 2214	1 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 1976 api.btloader.com — Cisco Umbrella Rank: 2175	9 KB
1	indexww.com js-sec.indexww.com	2 KB
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 951	191 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1389	362 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 691	509 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 894	573 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1511	843 B
1	emxdgt.com cs.emxdgt.com — Cisco Umbrella Rank: 1371	67 B
1	everesttech.net sync-tm.everesttech.net — Cisco Umbrella Rank: 949	177 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 3128	619 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1399	44 B
1	technoratimedia.com sync.technoratimedia.com — Cisco Umbrella Rank: 1710	294 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1659	465 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 838	663 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1901	466 B
1	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 55819	792 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1117	425 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1893	342 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 2186	17 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	41 KB
1	videoplayerhub.com 1 redirects snigelweb-com.videoplayerhub.com — Cisco Umbrella Rank: 70551	464 B
0	tidaltv.com Failed sync.tidaltv.com Failed
0	mediarithmics.com Failed cookie-matching.mediarithmics.com Failed
0	rlcdn.com Failed api.rlcdn.com Failed
157	61

	Domain	Requested by
19	usersync.gumgum.com	1 redirects rtb.gumgum.com
15	s.amazon-adsystem.com	2 redirects c.amazon-adsystem.com s.amazon-adsystem.com rtb.gumgum.com sync-amz.ads.yieldmo.com ssum-sec.casalemedia.com match.sharethrough.com
12	id5-sync.com	9 redirects cdn.snigelweb.com cdn.id5-sync.com www.wheeloffortunecheats.com
10	match.adsrvr.org	9 redirects cdn.snigelweb.com
8	match.sharethrough.com	4 redirects s.amazon-adsystem.com match.sharethrough.com
7	cm.g.doubleclick.net	4 redirects rtb.gumgum.com s.amazon-adsystem.com
7	fastlane.rubiconproject.com	cdn.snigelweb.com
7	www.wheeloffortunecheats.com	1 redirects www.wheeloffortunecheats.com
6	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
6	eus.rubiconproject.com	s.amazon-adsystem.com eus.rubiconproject.com rtb.gumgum.com cdn.snigelweb.com
6	c2shb.ssp.yahoo.com	cdn.snigelweb.com
6	prg.smartadserver.com	cdn.snigelweb.com
5	pixel.rubiconproject.com	2 redirects s.amazon-adsystem.com
5	ssum-sec.casalemedia.com	3 redirects s.amazon-adsystem.com ssum-sec.casalemedia.com
5	token.rubiconproject.com	5 redirects
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	ads.yieldmo.com	sync-amz.ads.yieldmo.com
4	sync.outbrain.com	3 redirects rtb.gumgum.com
4	b1sync.zemanta.com	4 redirects
4	x.bidswitch.net	3 redirects sync-amz.ads.yieldmo.com
4	securepubads.g.doubleclick.net	cdn.snigelweb.com securepubads.g.doubleclick.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	pr-bh.ybp.yahoo.com	2 redirects ssum-sec.casalemedia.com
3	sync.1rx.io	3 redirects
3	ib.adnxs.com	2 redirects cdn.snigelweb.com acdn.adnxs.com
3	c.amazon-adsystem.com	cdn.snigelweb.com c.amazon-adsystem.com
3	cdn.snigelweb.com	www.wheeloffortunecheats.com cdn.snigelweb.com
2	yieldmo-match.dotomi.com	2 redirects
2	creativecdn.com	2 redirects
2	ad.360yield.com	2 redirects
2	us-u.openx.net	2 redirects
2	ssbsync.smartadserver.com	2 redirects
2	stags.bluekai.com	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	a.sportradarserving.com	2 redirects
2	eb2.3lift.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ads.pubmatic.com	s.amazon-adsystem.com rtb.gumgum.com
2	inmobi-match.dotomi.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	pixel.tapad.com	2 redirects
2	sync.mathtag.com	2 redirects
2	mug.criteo.com	www.wheeloffortunecheats.com
2	script.4dex.io	cdn.snigelweb.com script.4dex.io
2	gum.criteo.com	1 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ad-delivery.net	www.wheeloffortunecheats.com
1	js-sec.indexww.com	cdn.snigelweb.com
1	acdn.adnxs.com	cdn.snigelweb.com
1	www.google.com	tpc.googlesyndication.com
1	argus-fra1.snigelweb.com	cdn.snigelweb.com
1	pixel-sync.sitescout.com	match.sharethrough.com
1	csync.loopme.me	1 redirects
1	pixel.quantserve.com	1 redirects
1	pixel-apac.rubiconproject.com	1 redirects
1	px.ads.linkedin.com	s.amazon-adsystem.com
1	aax-eu.amazon-adsystem.com	s.amazon-adsystem.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	secure-assets.rubiconproject.com	1 redirects
1	tg.socdm.com	1 redirects
1	cs.emxdgt.com	rtb.gumgum.com
1	sync-tm.everesttech.net	rtb.gumgum.com
1	sync.inmobi.com	1 redirects
1	match.deepintent.com	rtb.gumgum.com
1	sync.technoratimedia.com	rtb.gumgum.com
1	sync.ipredictive.com	1 redirects
1	bh.contextweb.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ssbsync-us.smartadserver.com	1 redirects
1	sync-amz.ads.yieldmo.com	s.amazon-adsystem.com
1	rtb.gumgum.com	s.amazon-adsystem.com
1	a68679edec791171cd3a7410944b51dd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.jp	securepubads.g.doubleclick.net
1	onetag-sys.com	cdn.snigelweb.com
1	htlb.casalemedia.com	cdn.snigelweb.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	www.wheeloffortunecheats.com
1	secure.cdn.fastclick.net	www.wheeloffortunecheats.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	api.btloader.com	snigelweb-com.videoplayerhub.com
1	ad.doubleclick.net	www.wheeloffortunecheats.com
1	adengine.snigelweb.com	cdn.snigelweb.com
1	www.googletagmanager.com	www.wheeloffortunecheats.com
1	btloader.com	www.wheeloffortunecheats.com
1	snigelweb-com.videoplayerhub.com	1 redirects
0	rtb-csync.smartadserver.com Failed
0	sync.tidaltv.com Failed
0	cookie-matching.mediarithmics.com Failed
0	api.rlcdn.com Failed	cdn.snigelweb.com
157	94

This site contains no links.

Subject Issuer	Validity	Valid
nationalscrabbleday.com R3	`2022-08-15` - `2022-11-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-28` - `2023-05-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2022-08-21` - `2022-11-19`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
*.google.co.jp GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.gumgum.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.sharethrough.com Amazon	`2021-11-25` - `2022-12-22`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-17` - `2022-10-05`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.ad-server.k8s.jp.ggops.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
*.emxdgt.com Amazon	`2022-06-03` - `2023-07-02`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://www.wheeloffortunecheats.com/
Frame ID: CD2B4B0C0BE70D8527F2B4380872575E
Requests: 72 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&dcc=t
Frame ID: C6B71E6E2D490004E90071E9B5758C90
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: D1E7046310F156D6DBD6EF117E6A44E9
Requests: 1 HTTP requests in this frame

Frame: https://a68679edec791171cd3a7410944b51dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 95F64DEAD72DAA4C2267ACB684C19BAB
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: E2C2869CE7D972D488C4829C08DF2C7C
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Frame ID: 28D51483864D6BC0532C8C0AAB6F89B1
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: 7F5B3DB1BF306EB6D01BA3C7A94FF81A
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: 51AFA0CF1AFDD2BE698256B99F3E58C7
Requests: 2 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: DD6F28D6B47EA33BA56E76700C40E63E
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: 50629F39CE2AF233F7A2FA3E812684B2
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1NMHJRMDg1RTJ1TFBONXpBdE1zVzRUWHBqZjNwbkZBZ35B&gdpr=0&gdpr_consent=
Frame ID: A0A8B44715B8CD6B3D9CF37B20EB3E2A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1872231576753694999&gdpr=0&gdpr_consent=
Frame ID: 502053ADE059B84E26A3701E68F8622A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=1768410491449595057&ex=appnexus.com&gdpr=0
Frame ID: 550239C69513F17CF3371F68C288CE6E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3653888948030760734942
Frame ID: 7A78ECE53E99571D56FEB214341BCF2A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=inm&i=ID5-ZHMOKmajPa-Ui2x1IydwSy2RkvjkQM0-EaCigzZSnQ
Frame ID: 7495B2D773C479F792B0671B3D4CEB1E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 3A119C21FA4BDC622F1DA88602391F1B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=25fd5c9c-bab9-421b-969e-7f1456c58397
Frame ID: C0AAE4F348D0418E873B8C5C465EE5CE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=90566320-49c2-4600-98d3-6e912e83b4f8&gdpr=0&gdpr_consent=
Frame ID: 44A38A09AB20BF76FBECC03BC1156CA9
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 549316CB671DD856D74A4D629C921DEB
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8wNmExOGU0My02YjlmLTQyYjgtOTEyOC0xMzA0NGU0ZmU1NTM=&gdpr=0&gdpr_consent=&google_tc=
Frame ID: 873E9D9F5C07D0553EE3E9E0895BB4B8
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 7E064D7790344E6E28CA5FD70197B646
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=YyBJwsCo5r8AAK91HPEAAAAA
Frame ID: AE3CDB408DF623112080F3F6862F008A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=YyBJwqqwyxKGsZ9oGbA8RAAA%264705
Frame ID: CFDBF8E90F6657A7F2F43D278E9F45E0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=5lN59A0FPbYGBtwsd71P&pi=gumgum&tc=1
Frame ID: 51EAD4599F2BA410CB7FD883A81F0DEA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: BB81397445D0247E12B09A7B322B7D36
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3BD5E8B1E1BAEFAF04869FA50B966D85
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6877808146299175EF3DB7EB89811A1
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 471AEA93701ED54F1F8750FC45E6229E
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1663060418075&us_privacy=1---
Frame ID: C4BC280F2C6C62178AA9F77417FBE827
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 8D9295D38FC360F4D69F43FD4E2FA27E
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EF04B0B4A4F5ECED6AAFC5471BBAA103
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wheel of Fortune Cheats & Answers | Simple to Use!

Page URL History Show full URLs

http://www.wheeloffortunecheats.com/ HTTP 301
https://www.wheeloffortunecheats.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

157
Requests

69 %
HTTPS

29 %
IPv6

61
Domains

94
Subdomains

58
IPs

12
Countries

964 kB
Transfer

2415 kB
Size

89
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.wheeloffortunecheats.com/ HTTP 301
https://www.wheeloffortunecheats.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://snigelweb-com.videoplayerhub.com/videoloader.js HTTP 301
https://btloader.com/tag?h=snigelweb-com&upapi=true

Request Chain 30

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.wheeloffortunecheats.com%2F&domain=www.wheeloffortunecheats.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=T_0HwnxNQ05Fa21MbTlDazU3ajNFT0hiRDJGQzJUcGlwNXdaZytJR2RvNXQ0TW95b3dVV0V2TFpnR2o0UGoyUjg0N1MrYUhWZHozVHluTlZ5a29TMDVHWGNSTTV6Q0RuVEo2V2I2c1RMdDd6ZmNxNDFjc1BTanNDQUdMbGp3V3dPVHVxTnZIbFJVbG9Ic1BjWm51K252bHRnRlZFUVdzOFp6Z0NPVG1WSlNmM1h6UTgzMzRnUWZpemxleDRlTDVSb1hCT2srWWVkV3JMbWx2ZE8ycStmaitEV2JpTzZnWXNnS3lhaFYydWp1MmE1YWlDbExNVERiVFF3Y2dyYmluNk5XcVpRfA&cppv=2

Request Chain 59

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&dcc=t

Request Chain 61

https://id5-sync.com/i/364/8.gif?id5id=ID5*_Uowto1k3sQIlvaV0iFaiewv7Gtf5j00mRPdWyQ0L2Qi43XrLCKt01QoasORVgFr&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/364/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/364/2/7/2.gif?puid=1768410491449595057&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOKmajPa-Ui2x1IydwSy2RkvjkQM0-EaCigzZSnQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F364%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/364/3/6/3.gif?puid=e1ab6320-49c2-4500-bafc-1591abdb9e7c&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=25fd5c9c-bab9-421b-969e-7f1456c58397&ttl=%%TTL%% HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F364%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F364%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/364/108/4/5.gif?puid=7114302c-62ab-4cdb-8257-e5609aa56b75&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/364/19/3/6.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/364/19/3/6.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/364/19/3/6.gif?puid=c2e41a70a8fc200273dbfe484af0260c&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAHJnk7GQJQAAA6MWOLTvQ HTTP 302
https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/285.gif?puid=L7ZZ8EOY-Y-DVIC&gdpr=0 HTTP 302
https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=2e1c4a9e79192262&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/822.gif?puid=AAAMSk6YfYiZSwMngkq_AAAAAAA&expiration=1663146820&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 68

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0 HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1

Request Chain 73

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1NMHJRMDg1RTJ1TFBONXpBdE1zVzRUWHBqZjNwbkZBZ35B&gdpr=0&gdpr_consent=

Request Chain 74

https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1872231576753694999&gdpr=0&gdpr_consent=

Request Chain 75

https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=1768410491449595057&ex=appnexus.com&gdpr=0

Request Chain 76

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3653888948030760734942

Request Chain 78

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=1768410491449595057

Request Chain 79

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_06a18e43-6b9f-42b8-9128-13044e4fe553&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_06a18e43-6b9f-42b8-9128-13044e4fe553&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=70f53b07-e2bb-49b5-b089-ad9bf93585cd&ssp=gumgum2 HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=df040c0e-c214-4361-b88e-07a2545f0bc2

Request Chain 80

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-f95e373f-4ce4-433e-4f49-8780759f5850$ip$217.138.252.181

Request Chain 81

https://b1sync.zemanta.com/usersync/gumgum/?puid=a_06a18e43-6b9f-42b8-9128-13044e4fe553&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=rkaFR0Z_FBAg47MKA8bZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24TLMFDFEMC2L5DEEQLHGQ3U2S2BHBRFU&gdpr=0 HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24TLMFDFEMC2L5DEEQLHGQ3U2S2BHBRFU HTTP 302
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=rkaFR0Z_FBAg47MKA8bZ

Request Chain 82

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1663060418598 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3916562780 HTTP 302
https://sync.1rx.io/usersync/tradedesk/25fd5c9c-bab9-421b-969e-7f1456c58397 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-93c9eb9f-521f-4010-8e39-3c733d582855-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-93c9eb9f-521f-4010-8e39-3c733d582855-004 HTTP 302
https://usersync.gumgum.com/usersync?b=rhy&i=RX-93c9eb9f-521f-4010-8e39-3c733d582855-004

Request Chain 83

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=FJ3M9HeJyZS9&ev=1&pid=558355

Request Chain 84

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28eJVgvr9nk0i8ODoDLsSlYJUIlcTdXYBB6enMsa3-VJpvtUoqAI8i5hI2veeRwbFV%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28eJVgvr9nk0i8ODoDLsSlYJUIlcTdXYBB6enMsa3-VJpvtUoqAI8i5hI2veeRwbFV%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_06a18e43-6b9f-42b8-9128-13044e4fe553&obuid=ENC(eJVgvr9nk0i8ODoDLsSlYJUIlcTdXYBB6enMsa3-VJpvtUoqAI8i5hI2veeRwbFV) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DeJVgvr9nk0i8ODoDLsSlYJUIlcTdXYBB6enMsa3-VJpvtUoqAI8i5hI2veeRwbFV%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING HTTP 302
https://sync.outbrain.com/cookie-sync?p=smart&uid=1872231576753694999&obUid=eJVgvr9nk0i8ODoDLsSlYJUIlcTdXYBB6enMsa3-VJpvtUoqAI8i5hI2veeRwbFV&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING

Request Chain 85

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=d017cf44-d1ed-4e09-83ca-3e1a599f7bc4

Request Chain 86

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-23h_F.VE2pfVz7CPZw0EBOyOrLs0hKUscvQJ~A

Request Chain 87

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=1d58c054-8259-45b6-9473-c853ef54acc3

Request Chain 90

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=85cadfbf-e647-43b4-aa6d-e7a5a1bc107b

Request Chain 91

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=1872231576753694999

Request Chain 93

https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=inm&i=ID5-ZHMOKmajPa-Ui2x1IydwSy2RkvjkQM0-EaCigzZSnQ

Request Chain 95

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=ttd&i=25fd5c9c-bab9-421b-969e-7f1456c58397

Request Chain 96

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=90566320-49c2-4600-98d3-6e912e83b4f8&gdpr=0&gdpr_consent=

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8wNmExOGU0My02YjlmLTQyYjgtOTEyOC0xMzA0NGU0ZmU1NTM=&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8wNmExOGU0My02YjlmLTQyYjgtOTEyOC0xMzA0NGU0ZmU1NTM=&gdpr=0&gdpr_consent=&google_tc=

Request Chain 100

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=YyBJwsCo5r8AAK91HPEAAAAA

Request Chain 101

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1 HTTP 302
https://usersync.gumgum.com/usersync?b=iex&i=YyBJwqqwyxKGsZ9oGbA8RAAA%264705

Request Chain 102

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=5lN59A0FPbYGBtwsd71P&pi=gumgum&tc=1

Request Chain 103

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 105

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=L7ZZ8EOY-Y-DVIC HTTP 302
https://s.amazon-adsystem.com/ecm3?id=L7ZZ8EOY-Y-DVIC&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---

Request Chain 107

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=L7ZZ8EOY-Y-DVIC HTTP 302
https://usersync.gumgum.com/usersync?b=mag&i=L7ZZ8EOY-Y-DVIC&gdpr=0&gdpr_consent=undefined&us_privacy=1---

Request Chain 109

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDZmMDIyOTlkMGM5NTRmMGM4YmUxYmU0MTc2ZmU5NTBiODdhZWVmOA&gdpr=0&us_privacy=1---

Request Chain 110

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=&expires=30

Request Chain 111

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/6oBeswgSO8Mr82Jf6Tg0lg?csrc=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6840844656041498326

Request Chain 112

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdaWjhFT1ktWS1EVklD&gdpr=0&us_privacy=1---

Request Chain 113

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7ZZ8EOY-Y-DVIC&gdpr=0&us_privacy=1---

Request Chain 114

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=r3v35yYlSS-dWvk77BA-Hg&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=r3v35yYlSS-dWvk77BA-Hg&gdpr=0

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEG1C_RPWjAWbobPl9EDcUnU&google_cver=1

Request Chain 117

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
https://ads.yieldmo.com/sync?pn_id=rc&id=L7ZZ8EOY-Y-DVIC

Request Chain 118

https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=gc631747aaf11d48c19e HTTP 302
https://ads.yieldmo.com/v000/sync?tdid=25fd5c9c-bab9-421b-969e-7f1456c58397

Request Chain 119

https://sync.srv.stackadapt.com/sync?nid=21 HTTP 302
https://ads.yieldmo.com/sync?pn_id=stk&userid=5SMUdNX2Tq1yL4zNIXPZwNmK_LU&gdpr=&gdpr_consent=

Request Chain 120

https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1 HTTP 302
https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=17f59bc9ea321af6&is_secure=true&networkId=42851&version=1 HTTP 302
https://ads.yieldmo.com/sync?pn_id=eps&id=AAALfPXNSGTG7QNWbEVUAAAAAAA&expiration=1663146819&is_secure=true

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyBJwrLsyE8QionNFyTJWwAAEl4AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED6DRZU6Gg4d18MHPwst-DQ&google_cver=1

Request Chain 123

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyBJwrLsyE8QionNFyTJWwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFP27zG9M7J2DFeN0h8Otn8&google_cver=1

Request Chain 125

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&expiration=1665652418&gdpr=0&gdpr_consent=

Request Chain 126

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YyBJwrLsyE8QionNFyTJWwAAEl4AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/YyBJwrLsyE8QionNFyTJWwAAEl4AAAIB

Request Chain 127

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=BdXaRgffi0Ue19FAAoLFQVCC2BAe3o5BANYRueB3

Request Chain 128

https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=793f1314-115f-4324-9df8-065b48a20f9e&us_privacy=null&gdpr_consent=null&gdpr=null

Request Chain 129

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://stags.bluekai.com/site/23178?id=JREQaHfK3z08cTJ-9gIN&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SSSIVIWCSDGJMZXUMBYMNKEULJZM5EU4 HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SSSIVIWCSDGJMZXUMBYMNKEULJZM5EU4 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=JREQaHfK3z08cTJ-9gIN

Request Chain 132

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=

Request Chain 133

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=

Request Chain 134

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=

Request Chain 135

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=

Request Chain 151

https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=FJ3M9HeJyZS9&ev=1&pid=560288&gdpr_consent=&gdpr=0

157 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.wheeloffortunecheats.com/
Redirect Chain

http://www.wheeloffortunecheats.com/
https://www.wheeloffortunecheats.com/

26 KB
6 KB

534ms
178ms

Document
text/html

18.224.87.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheeloffortunecheats.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.224.87.21 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-87-21.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a1d944c26df4360da647384c84a5442f1ec2a1f53a268482810a4b6c4335fe6d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: public, max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 6323
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Sep 2022 09:13:36 GMT
Server: nginx/1.18.0 (Ubuntu)

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Tue, 13 Sep 2022 09:13:35 GMT
Location: https://www.wheeloffortunecheats.com/
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 loader.js Show response
cdn.snigelweb.com/adengine/wheeloffortunecheats.com/ 14 KB
6 KB 35ms
12ms Script
application/javascript 2606:4700:10::6816:194a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snigelweb.com/adengine/wheeloffortunecheats.com/loader.js
Requested by: Host: www.wheeloffortunecheats.com
URL: https://www.wheeloffortunecheats.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:194a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8686541c494497486a912074151c6d232c538e34f83a22fdf8982da8dadb04b0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 90
x-edge-location: Tokyo, JP
x-cache: MISS
last-modified: Mon, 12 Sep 2022 13:53:33 GMT
server: cloudflare
etag: W/"378c-5e87b38ae4bec"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=900, must-revalidate, immutable
x-edge-ip: 82.102.28.51
cf-ray: 749fc492cae8ded7-NRT
x-storage: 824660094:8001
expires: 0

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://snigelweb-com.videoplayerhub.com/videoloader.js
https://btloader.com/tag?h=snigelweb-com&upapi=true

31 KB
9 KB

22ms
10ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=snigelweb-com&upapi=true
Requested by: Host: www.wheeloffortunecheats.com
URL: https://www.wheeloffortunecheats.com/
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0825f76cec254711dee6cd35cb0dd7ed5bcab7dc4503c1b8e79fbebf6ff348

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749fc493190834f9-NRT
date: Tue, 13 Sep 2022 09:13:36 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 13 Sep 2022 08:45:40 GMT
server: cloudflare
age: 1538
etag: W/"c0a2a703bfe4e6faed5de2de90d98165"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1k5id%2Fy6m2QzSLi%2FDvSN1L7K1Ok1EfkezFmw2EkZUBWQi9ZOsTZr%2FNr7TpxeTeDp3sXfBfaMdhBzKnUivy8AKSkFfhOl%2FSY%2BPREYnWJxseoHdztVIC1h%2Fd82ZeoxQdRimy4%2BTm6XUa4t9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br

Redirect headers

date: Tue, 13 Sep 2022 09:13:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4trgbM2fqCr3%2FHjsXfxy12tpLrZFCxYN7aSYR7kMOeHiPnhEvwFILloGRSgxy1QnkTtNYvF3zKryCu6DpEePojpUu13uZ4A5jMxn45nP20%2BC3ZxU%2FzvCDKrYkCoKwP76V78Wbj%2BrAqdmzapVT0IU2y%2F%2B2p7dM7u6arkcbSkK"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=snigelweb-com&upapi=true
cache-control: max-age=3600
cf-ray: 749fc492ce63afc3-NRT
expires: Tue, 13 Sep 2022 10:13:36 GMT

GET
H/1.1 200
OK wheel-logo-square.png
www.wheeloffortunecheats.com/assets/images/ 3 KB
3 KB 175ms
174ms Image
image/png 18.224.87.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheeloffortunecheats.com/assets/images/wheel-logo-square.png
Requested by: Host: www.wheeloffortunecheats.com
URL: https://www.wheeloffortunecheats.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.224.87.21 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-87-21.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ce3254364d43ed9e515a28aa368900ca2cc939490054935195b9eb9ea4edcfdb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 09:13:36 GMT
Last-Modified: Mon, 20 Aug 2018 19:06:03 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5b7b111b-bda"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3034
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.js Show response
www.wheeloffortunecheats.com/assets/js/vendor/jquery/ 82 KB
82 KB 726ms
361ms Script
application/javascript 18.224.87.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheeloffortunecheats.com/assets/js/vendor/jquery/jquery.js?v2
Requested by: Host: www.wheeloffortunecheats.com
URL: https://www.wheeloffortunecheats.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.224.87.21 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-87-21.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 678d501a0601f791f17c82e85965b60cb6a8f915c9bd64e0b05d74fa50de9bf8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 09:13:36 GMT
Last-Modified: Tue, 13 Jul 2021 03:23:48 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "60ed0744-147ac"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 83884
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bootstrap-new.js Show response
www.wheeloffortunecheats.com/assets/js/vendor/bootstrap/ 67 KB
68 KB 726ms
361ms Script
application/javascript 18.224.87.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheeloffortunecheats.com/assets/js/vendor/bootstrap/bootstrap-new.js?v2
Requested by: Host: www.wheeloffortunecheats.com
URL: https://www.wheeloffortunecheats.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.224.87.21 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-87-21.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 425328ed7a60e35938fa92fc7ba5f5af96b53f9608bb41b8a07c0f91e8bdefcd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 09:13:36 GMT
Last-Modified: Tue, 13 Jul 2021 03:34:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "60ed09d3-10d19"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68889
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 89ms
50ms Script
application/javascript 2404:6800:4004:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104704225-1

Requested by

Host: www.wheeloffortunecheats.com
URL: https://www.wheeloffortunecheats.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b875e818fa10efa63bf5d7d598210ca261ecf06a81a694310b170d5cefc150a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41956
x-xss-protection: 0
expires: Tue, 13 Sep 2022 09:13:36 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.wheeloffortunecheats.com/assets/css/vendor/font-awesome/fonts/ 63 KB
63 KB 348ms
175ms Font
application/octet-stream 18.224.87.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheeloffortunecheats.com/assets/css/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.wheeloffortunecheats.com
URL: https://www.wheeloffortunecheats.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.224.87.21 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-87-21.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://www.wheeloffortunecheats.com/
Origin: https://www.wheeloffortunecheats.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 09:13:36 GMT
Last-Modified: Mon, 20 Aug 2018 19:06:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5b7b1122-fbd0"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64464

GET
H2 200 prebid.js Show response
cdn.snigelweb.com/prebid/5.20.2/ 553 KB
153 KB 23ms
21ms Script
application/javascript 2606:4700:10::6816:194a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/adengine/wheeloffortunecheats.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:194a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7299ebe9aff132e33f05f8b3b4698ade1411ecfd67ffd416e4069ce7737f8c2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 5045
x-edge-location: Tokyo, JP
x-cache: MISS
last-modified: Tue, 16 Aug 2022 14:10:42 GMT
server: cloudflare
etag: W/"8a450-5e65c5057e338"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, must-revalidate, immutable
x-edge-ip: 82.102.28.51
cf-ray: 749fc4933b66ded7-NRT
x-storage: 824660094:8001
expires: 0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 167 KB
43 KB 252ms
4ms Script
application/javascript 18.65.175.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/adengine/wheeloffortunecheats.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.175.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-175-23.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 13 Sep 2022 08:15:59 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 19:25:09 GMT
server: AmazonS3
age: 3458
etag: W/"0b4d277527066dd35dd7c0288cb596b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f6b1442435aa25cd25201838d0696952.cloudfront.net (CloudFront), 1.1 8246396d0e0c0de7666d18eae9856bde.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: NRT20-C4, NRT57-P1
x-amz-cf-id: mKBpA8_f6yRBUhZPxKqwHH5vwpU6tSveeOq-ho-zmwqwvBoxZqHg_A==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 99ms
54ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/adengine/wheeloffortunecheats.com/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9283171237dacdb34331a5d76977c8e68c04a50e9e930000cf219a46d27695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27197
x-xss-protection: 0
server: sffe
etag: "1332 / 263 of 1000 / last-modified: 1663058600"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 13 Sep 2022 09:13:36 GMT

GET
H2 200 adngin.js Show response
adengine.snigelweb.com/wheeloffortunecheats.com/4665-1662990105556/ 139 KB
40 KB 332ms
326ms Script
application/javascript 2606:4700:10::6816:194a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adengine.snigelweb.com/wheeloffortunecheats.com/4665-1662990105556/adngin.js
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/adengine/wheeloffortunecheats.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:194a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bd7288e07ec42d93d2109b944502e611c7d09e4c27865c4d535e3163d58db73

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:36 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=2628000, must-revalidate, immutable
cf-ray: 749fc4933b71ded7-NRT
expires: 0

GET
H2 200 argus.js Show response
cdn.snigelweb.com/argus/ 36 KB
12 KB 11ms
10ms Script
application/javascript 2606:4700:10::6816:194a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snigelweb.com/argus/argus.js
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/adengine/wheeloffortunecheats.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:194a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065d1fcdc4df18f1ff2d1fb755c897710eb98ac762b580be5cdd90a624de3f70

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 1731
x-edge-location: Tokyo, JP
x-cache: REVALIDATED
x-age: 3604
last-modified: Thu, 23 Jun 2022 08:40:46 GMT
server: cloudflare
etag: W/"8f92-5e21968f286a9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, must-revalidate, immutable
x-edge-ip: 82.102.28.51
cf-ray: 749fc4933b68ded7-NRT
x-storage: 824660094:8001
expires: 0

GET
H/1.1 200
OK www.wheeloffortunecheats.com_app_min.css
www.wheeloffortunecheats.com/assets/css/ 148 KB
32 KB 660ms
354ms Stylesheet
text/css 18.224.87.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheeloffortunecheats.com/assets/css/www.wheeloffortunecheats.com_app_min.css
Requested by: Host: www.wheeloffortunecheats.com
URL: https://www.wheeloffortunecheats.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.224.87.21 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-87-21.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5ba6b182bb231ff1fe1feece1e2cae9038d06ca91704f0f30fdd323aadd265e7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 09:13:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Aug 2018 19:06:03 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"5b7b111b-25070"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
338 B 28ms
16ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.wheeloffortunecheats.com
URL: https://www.wheeloffortunecheats.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Tue, 13 Sep 2022 09:13:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39534
x-guploader-uploadid: ADPycduOdSsiyD_9ifB9vkM7OtP5qCQIhMMDd0AM9313bOcn2APENWSb9UMH2qVUb4mkWssCTNkp3xhdnJhjC9_zebM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CcYSyUzjcl6LLGgWc5reUjWdy%2Beo%2FfgVPyeOYYTFHerxmQm1NC8wdET1TxxHgVu6K1Wiag78Ef0txoj9c9FXmK%2F3yyZDNnJDAJcO8zSW1gQ97rSl2GsqqDVPce2%2Bc576qmXWKCbTLJFo0Yua0w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 749fc4934a9f80f5-NRT
expires: Mon, 12 Sep 2022 23:14:42 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
663 B 42ms
2ms Image
image/x-icon 142.250.196.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.wheeloffortunecheats.com
URL: https://www.wheeloffortunecheats.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 08:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4247
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Sep 2022 08:02:49 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
859 B 24ms
13ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.6349104968498693
Requested by: Host: www.wheeloffortunecheats.com
URL: https://www.wheeloffortunecheats.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Tue, 13 Sep 2022 09:13:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39534
x-guploader-uploadid: ADPycduOdSsiyD_9ifB9vkM7OtP5qCQIhMMDd0AM9313bOcn2APENWSb9UMH2qVUb4mkWssCTNkp3xhdnJhjC9_zebM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSsPcyaPWew4Cly9NWfFkeIr865n3zP1ZV1%2FZ0Zj2wwVckwATHalzip%2BObn9iGwvGn%2BbcJCJ7cMARtGdxgYKjm7OCAUFbkqH9YkHnVNf1M7OBAs6sTOoFvRatyGDMqNEEDKUgT7IymaivnPuug%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 749fc4934aa080f5-NRT
expires: Mon, 12 Sep 2022 23:14:42 GMT

GET
H2 204 pv Show response
api.btloader.com/ 0
128 B 142ms
130ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=FLpTgrR32&w=5705644852117504&o=5658536637890560&cv=2.0.9-1-g2cac8e3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.wheeloffortunecheats.com%2F&upapi=true
Requested by: Host: snigelweb-com.videoplayerhub.com
URL: https://snigelweb-com.videoplayerhub.com/videoloader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Sep 2022 09:13:36 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 43ms
2ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104704225-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5668
date: Tue, 13 Sep 2022 07:39:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 13 Sep 2022 09:39:08 GMT

GET
H2 200 pubads_impl_2022091201.js Show response
securepubads.g.doubleclick.net/gpt/ 376 KB
128 KB 5ms
4ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069553

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

sffe /

Resource Hash

feb6fb7964ff50524c107524c1773ae1fa2a13d37c9c2c81a9a7c87da8c970b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 05:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131208
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 08:37:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 13 Sep 2023 05:18:51 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 181 B
145 B 75ms
38ms XHR
application/json 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wheeloffortunecheats.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

95bf28be35ea86a3b53ed331053a201a1e959b2d0e504cecf665a62d9d7ca56c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 09:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
expires: Tue, 13 Sep 2022 09:13:36 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
216 B 38ms
37ms XHR
text/plain 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=322267866&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wheeloffortunecheats.com%2F&ul=en-us&de=UTF-8&dt=Wheel%20of%20Fortune%20Cheats%20%26%20Answers%20%7C%20Simple%20to%20Use!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1149352154&gjid=2080164184&cid=1243412334.1663060417&tid=UA-104704225-1&_gid=876009790.1663060417&_r=1&gtm=2ou970&z=759806831

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wheeloffortunecheats.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
448 B 108ms
35ms XHR
text/plain 2404:6800:4008:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-104704225-1&cid=1243412334.1663060417&jid=1149352154&gjid=2080164184&_gid=876009790.1663060417&_u=YEBAAUAAAAAAAC~&z=1236337133

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c07::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 13 Sep 2022 09:13:36 GMT
content-type: text/plain
access-control-allow-origin: https://www.wheeloffortunecheats.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 9ms
4ms XHR
application/javascript 18.65.175.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.175.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-175-23.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 14:16:31 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 68226
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 19:06:24 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
via: 1.1 c951e19d4b5948f3bf888af72c1a5f9c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: NRT57-P1
content-type: application/javascript
x-amz-cf-id: va4Zj-4NeQlhYYe6zmcnvpcvGP399ZZezq2pRwRjrsqCSQPgMLMzQQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 619 B
985 B 4ms
3ms XHR
application/json 18.65.175.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3927&u=https%3A%2F%2Fwww.wheeloffortunecheats.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.175.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-175-23.nrt57.r.cloudfront.net
Software: Server /
Resource Hash: d1d4c66676320a20a448f13e24dbbb8957f030fd16c43e4bf22913e39354a8b1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 08:48:39 GMT
via: 1.1 8246396d0e0c0de7666d18eae9856bde.cloudfront.net (CloudFront)
server: Server
age: 1496
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.wheeloffortunecheats.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: NRT57-P1
content-length: 619
x-amz-cf-id: -N0WF8y6iNdwd25nyiVPiD3D3eLKZBvK8i1B4QOJqtR5dDmTv_DtFg==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 119ms
3ms Script
application/javascript 23.39.13.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.wheeloffortunecheats.com
URL: https://www.wheeloffortunecheats.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.13.202 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-13-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:37 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 20:10:31 GMT
server: Apache
etag: "d71e-5e830058020dd-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17404
expires: Tue, 13 Sep 2022 09:28:37 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 48 KB
14 KB 17ms
8ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.wheeloffortunecheats.com
URL: https://www.wheeloffortunecheats.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 13 Sep 2022 09:13:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 11:00:45 GMT
server: cloudflare
age: 2360
etag: W/"b17c28d6fd88a6b12feea5c52e9a7485"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 749fc495997f34d5-NRT
x-amz-request-id: RF80GB3BNPQQHF08
x-amz-id-2: 6AgCUanwY2vPhVPBhMiRq4raV/bcJGMPJj8UqxcC2WaDfOpb1817q+PfAiMAk5oLUVTELggWrP0=

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
342 B 740ms
245ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31533570.ip-162-19-138.eu
Software: /
Resource Hash: 0177a9487ee76570e920b2f9a113057dc04a620369e77ad270eafba1d45dc58d

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheeloffortunecheats.com
date: Tue, 13 Sep 2022 09:13:37 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 165 B
545 B 346ms
323ms XHR
text/javascript 2600:9000:2219:b400:13:ed78:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3927&u=https%3A%2F%2Fwww.wheeloffortunecheats.com%2F&pid=B9AkRzrhhCVYW&cb=0&ws=1600x1200&v=22.9.81452&t=1250&slots=%5B%7B%22sd%22%3A%22adngin-top_leaderboard_desktop-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22152718%2C15567680%2Fsws-hb%2F%2Fwheeloffortunecheats.com%2F%2FWOF_Dsk1_Top_LB%22%7D%2C%7B%22sd%22%3A%22adngin-sidebar_top-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22152718%2C15567680%2Fsws-hb%2F%2Fwheeloffortunecheats.com%2F%2FWOF_Dsk2_Sidebar_Top%22%7D%2C%7B%22sd%22%3A%22adngin-bottom_leaderboard_desktop-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22152718%2C15567680%2Fwheeloffortunecheats_bottom_adhesive_desktop%22%7D%2C%7B%22sd%22%3A%22adngin-incontent_desktop-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22152718%2C15567680%2Fsws-hb%2F%2Fwheeloffortunecheats.com%2F%2FWOF_desktop_incontent%22%7D%2C%7B%22sd%22%3A%22adngin-sidebar_bottom_sticky-0-adaptive-group-0-placement-0%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F22152718%2C15567680%2Fsws-hb%2F%2Fwheeloffortunecheats.com%2F%2FWOF_Dsk2_Sidebar_Sticky%22%7D%2C%7B%22sd%22%3A%22adngin-sidebar_bottom_sticky-0-adaptive-group-1-placement-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22152718%2C15567680%2Fsws-hb%2F%2Fwheeloffortunecheats.com%2F%2FWOF_Dsk2_Sidebar_Sticky%22%7D%2C%7B%22sd%22%3A%22adngin-sidebar_bottom_sticky-0-adaptive-group-1-placement-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22152718%2C15567680%2Fsws-hb%2F%2Fwheeloffortunecheats.com%2F%2FWOF_Dsk2_Sidebar_Sticky%22%7D%5D&schain=1.0%2C1!snigelweb.com%2C7102%2C1%2C%2C%2Cwheeloffortunecheats.com&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2219:b400:13:ed78:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 368787afcc20e375fe47132a852e1f09b27381102dab05bb2fb012b83ee6299f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:37 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: NRT57-P1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.wheeloffortunecheats.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 158
via: 1.1 7140f0ca7678f315f05e94435ec1dea8.cloudfront.net (CloudFront)
x-amz-cf-id: zqN_73ao99YNPqiuXqu5AS93HNUom9igkYuO8o9lkVkk3IkyLtdzew==

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 11ms
4ms Preflight
application/json 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.wheeloffortunecheats.com%2F&domain=www.wheeloffortunecheats.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.wheeloffortunecheats.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.wheeloffortunecheats.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 13 Sep 2022 09:13:36 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 267503
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
904 B 25ms
11ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6
x-amz-request-id: txaf6e2c1c2f9f41df87375-00631b6357
x-amz-id-2: txaf6e2c1c2f9f41df87375-00631b6357
last-modified: Fri, 09 Sep 2022 16:00:45 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxrMuu%2BAuq3Gtog%2FOI8KOvAVkDFeGwEEbAH%2F32fdZirm71E8UiESLkjg4QfW8oXHq%2FcXLcbkpGsIgJV6agOMuO9%2FeWA9N6JGiXgejaTs%2FrY4YieqNq4qcMb35d6NNwYrszy4ElbaDxsDkiIl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1662739245697142
cf-ray: 749fc495de4fafc7-NRT
expires: Tue, 13 Sep 2022 09:43:36 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.wheeloffortunecheats.com%2F&domain=www.wheeloffortunecheats.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=T_0HwnxNQ05Fa21MbTlDazU3ajNFT0hiRDJGQzJUcGlwNXdaZytJR2RvNXQ0TW95b3dVV0V2TFpnR2o0UGoyUjg0N1MrYUhWZHozVHluTlZ5a29TMDVHWGNSTTV6Q0RuVEo2V2I2c1RMdDd6ZmNxNDFjc1BTanNDQUdMbG...

408 B
680 B

7ms
3ms

XHR
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=T_0HwnxNQ05Fa21MbTlDazU3ajNFT0hiRDJGQzJUcGlwNXdaZytJR2RvNXQ0TW95b3dVV0V2TFpnR2o0UGoyUjg0N1MrYUhWZHozVHluTlZ5a29TMDVHWGNSTTV6Q0RuVEo2V2I2c1RMdDd6ZmNxNDFjc1BTanNDQUdMbGp3V3dPVHVxTnZIbFJVbG9Ic1BjWm51K252bHRnRlZFUVdzOFp6Z0NPVG1WSlNmM1h6UTgzMzRnUWZpemxleDRlTDVSb1hCT2srWWVkV3JMbWx2ZE8ycStmaitEV2JpTzZnWXNnS3lhaFYydWp1MmE1YWlDbExNVERiVFF3Y2dyYmluNk5XcVpRfA&cppv=2

Requested by

Host: www.wheeloffortunecheats.com
URL: https://www.wheeloffortunecheats.com/

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

43477afc4ae4ce50cf0c4b9c5a574da6683bd600ce8e4433b5eb71d902892d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:36 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 574318
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:36 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=T_0HwnxNQ05Fa21MbTlDazU3ajNFT0hiRDJGQzJUcGlwNXdaZytJR2RvNXQ0TW95b3dVV0V2TFpnR2o0UGoyUjg0N1MrYUhWZHozVHluTlZ5a29TMDVHWGNSTTV6Q0RuVEo2V2I2c1RMdDd6ZmNxNDFjc1BTanNDQUdMbGp3V3dPVHVxTnZIbFJVbG9Ic1BjWm51K252bHRnRlZFUVdzOFp6Z0NPVG1WSlNmM1h6UTgzMzRnUWZpemxleDRlTDVSb1hCT2srWWVkV3JMbWx2ZE8ycStmaitEV2JpTzZnWXNnS3lhaFYydWp1MmE1YWlDbExNVERiVFF3Y2dyYmluNk5XcVpRfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://www.wheeloffortunecheats.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 273253
content-length: 0
expires: 0

POST
H/1.1 200 364.json Show response
id5-sync.com/g/v2/ 456 B
1 KB 737ms
245ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/364.json

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

19ede48bc51809b2c106a5f0b6919863e189e5e16975bc2217f8aaa2019ef305

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Sep 2022 09:13:36 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://www.wheeloffortunecheats.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
553 B 16ms
5ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=8p4qh9l&fmt=json
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 6e6551dedeeb4fb2ea88c400231e97f49a09b8d2d194ff301486e99042ad2a75

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Sep 2022 09:13:36 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wheeloffortunecheats.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 13 Oct 2022 09:13:36 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 16ms
11ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 311385
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx14ff4394ce1340ce81a72-00631b6396
x-amz-id-2: tx14ff4394ce1340ce81a72-00631b6396
last-modified: Fri, 09 Sep 2022 16:00:45 GMT
server: cloudflare
etag: W/"831813ee9b2fc0d248741417a0e3b488"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfsa2j%2Fb3ee7f%2FZ6ujsEpPxBqwIIlCAt%2BU5Js80o%2BIPD6dJKONJRZ%2BadVSMx7YnHRnuoutu5jR2s9cBu6FvmmTAy8lc7FUp1i%2FNuqyjX7dDoFUlnQRsXBUzw0erFVJjPMe4aEzBya7NUFafe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1662739245061580
cf-ray: 749fc495fde5af94-NRT
access-control-allow-headers: Authorization

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 249ms
3ms Preflight
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 13 Sep 2022 09:13:36 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 311654
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 349ms
124ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14598&site_id=227508&zone_id=1121244&size_id=2&alt_size_ids=55&gdpr=0&us_privacy=1---&rp_schain=1.0,1!snigelweb.com,7102,1,,,wheeloffortunecheats.com&eid_pubcid.org=8d6f0541-2986-4a19-817f-b199c05660c1%5E1&tpid_tdid=25fd5c9c-bab9-421b-969e-7f1456c58397&eid_adserver.org=25fd5c9c-bab9-421b-969e-7f1456c58397&rf=https%3A%2F%2Fwww.wheeloffortunecheats.com%2F&tk_flint=pbjs_lite_v5.20.2&x_source.tid=77b7d557-44ce-4ab0-8fff-1f23de350b22&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0507&rp_maxbids=1&slots=1&rand=0.12349814624436295
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c1166316acff1d7e6302ce32b3ee2453f0f36aadfa1b2fdb682b0162f1ee2411

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.wheeloffortunecheats.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 459ms
233ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14598&site_id=227508&zone_id=1439454&size_id=15&gdpr=0&us_privacy=1---&rp_schain=1.0,1!snigelweb.com,7102,1,,,wheeloffortunecheats.com&eid_pubcid.org=8d6f0541-2986-4a19-817f-b199c05660c1%5E1&tpid_tdid=25fd5c9c-bab9-421b-969e-7f1456c58397&eid_adserver.org=25fd5c9c-bab9-421b-969e-7f1456c58397&rf=https%3A%2F%2Fwww.wheeloffortunecheats.com%2F&tk_flint=pbjs_lite_v5.20.2&x_source.tid=bd2215e6-5d17-463c-a6f5-d26ca823721f&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0507&rp_maxbids=1&slots=1&rand=0.03961528534768388
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5bbb09900fc5db06e7575d8c6fc806b41afb7a51e7a4d53126dcd8550239b4c9

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.wheeloffortunecheats.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 379ms
152ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14598&site_id=227508&zone_id=1121248&size_id=2&alt_size_ids=55&gdpr=0&us_privacy=1---&rp_schain=1.0,1!snigelweb.com,7102,1,,,wheeloffortunecheats.com&eid_pubcid.org=8d6f0541-2986-4a19-817f-b199c05660c1%5E1&tpid_tdid=25fd5c9c-bab9-421b-969e-7f1456c58397&eid_adserver.org=25fd5c9c-bab9-421b-969e-7f1456c58397&rf=https%3A%2F%2Fwww.wheeloffortunecheats.com%2F&tk_flint=pbjs_lite_v5.20.2&x_source.tid=08093068-2cbd-47d9-8b93-755c7142442a&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0507&rp_maxbids=1&slots=1&rand=0.7485595541515597
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0608c789269ed4beb1de125c1b967161a30dade0d81f7522690183abf805d9a6

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.wheeloffortunecheats.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 366ms
134ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14598&site_id=227508&zone_id=1874790&size_id=15&alt_size_ids=2&gdpr=0&us_privacy=1---&rp_schain=1.0,1!snigelweb.com,7102,1,,,wheeloffortunecheats.com&eid_pubcid.org=8d6f0541-2986-4a19-817f-b199c05660c1%5E1&tpid_tdid=25fd5c9c-bab9-421b-969e-7f1456c58397&eid_adserver.org=25fd5c9c-bab9-421b-969e-7f1456c58397&rf=https%3A%2F%2Fwww.wheeloffortunecheats.com%2F&tk_flint=pbjs_lite_v5.20.2&x_source.tid=f33ccc6c-2464-4ab3-80a1-b998cad0000e&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0507&rp_maxbids=1&slots=1&rand=0.6195856533464894
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1ff3fe0013040ea627968a7df3cc5bcd75c59c8198213fb674cadd7ae8b66d28

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.wheeloffortunecheats.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 358ms
124ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14598&site_id=227508&zone_id=1121246&size_id=15&alt_size_ids=10&gdpr=0&us_privacy=1---&rp_schain=1.0,1!snigelweb.com,7102,1,,,wheeloffortunecheats.com&eid_pubcid.org=8d6f0541-2986-4a19-817f-b199c05660c1%5E1&tpid_tdid=25fd5c9c-bab9-421b-969e-7f1456c58397&eid_adserver.org=25fd5c9c-bab9-421b-969e-7f1456c58397&rf=https%3A%2F%2Fwww.wheeloffortunecheats.com%2F&tk_flint=pbjs_lite_v5.20.2&x_source.tid=29d6adf8-f7d5-434f-9d5f-d0820ed963f0&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0507&rp_maxbids=1&slots=1&rand=0.6110268520731292
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cc123fa72bf4b7018e474ff8678e095ca7c2caa3dc722eec9d8d5f9fa5d9aa71

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.wheeloffortunecheats.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 370ms
135ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14598&site_id=227508&zone_id=1121246&size_id=15&gdpr=0&us_privacy=1---&rp_schain=1.0,1!snigelweb.com,7102,1,,,wheeloffortunecheats.com&eid_pubcid.org=8d6f0541-2986-4a19-817f-b199c05660c1%5E1&tpid_tdid=25fd5c9c-bab9-421b-969e-7f1456c58397&eid_adserver.org=25fd5c9c-bab9-421b-969e-7f1456c58397&rf=https%3A%2F%2Fwww.wheeloffortunecheats.com%2F&tk_flint=pbjs_lite_v5.20.2&x_source.tid=cc6e3b3f-4f26-4e33-b799-c6e9d23d88f7&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0507&rp_maxbids=1&slots=1&rand=0.7707872128287787
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 03566ff71ce881e1ddb2e85238471acc2fcaadc990ba0f4d99418944e810d822

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.wheeloffortunecheats.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 478ms
130ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14598&site_id=227508&zone_id=1121246&size_id=15&gdpr=0&us_privacy=1---&rp_schain=1.0,1!snigelweb.com,7102,1,,,wheeloffortunecheats.com&eid_pubcid.org=8d6f0541-2986-4a19-817f-b199c05660c1%5E1&tpid_tdid=25fd5c9c-bab9-421b-969e-7f1456c58397&eid_adserver.org=25fd5c9c-bab9-421b-969e-7f1456c58397&rf=https%3A%2F%2Fwww.wheeloffortunecheats.com%2F&tk_flint=pbjs_lite_v5.20.2&x_source.tid=d85b6baa-6fe0-4357-bd1b-8e54109d4ac6&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0507&rp_maxbids=1&slots=1&rand=0.8188314701012602
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 776768838c267cfa3556be9b575081f8533968e088e23a9fafc730e67705d842

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.wheeloffortunecheats.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
572 B 203ms
193ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=321850&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2298e6396d98e7c1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.wheeloffortunecheats.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A11%2C%22msi%22%3A11%2C%22mfu%22%3A0%2C%22bu%22%3A7%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A7%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.2%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22103a6e6668e1b9a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22321850%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22321850%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22EUR%22%7D%2C%7B%22id%22%3A%2211c5256ae25180b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22416103%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22EUR%22%7D%2C%7B%22id%22%3A%221253d14559346c8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22321852%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22321852%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22EUR%22%7D%2C%7B%22id%22%3A%221313ce0f0a74d7b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22588372%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22588372%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22EUR%22%7D%2C%7B%22id%22%3A%2214502860206e14f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22321851%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22321851%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22EUR%22%7D%2C%7B%22id%22%3A%2215525350236a3dd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22321851%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22EUR%22%7D%2C%7B%22id%22%3A%22169f5e453a4ae82%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22321851%22%2C%22fl%22%3A%22p%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22EUR%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22snigelweb.com%22%2C%22sid%22%3A%227102%22%2C%22domain%22%3A%22wheeloffortunecheats.com%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2225fd5c9c-bab9-421b-969e-7f1456c58397%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c122cd664c0df6796112e3d1b62a7ce313cde19615433ff68dc55fd870ff9232

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToS95fjJo593AfajTEoohnAesW1jEcUt5XoVFrpJBz3urwowqELVwrgJ%2BWwk4632L0OvurIik2FKc3Bd54ESpo7yvSp6ykLt3Q%2BHSsoCkOoh2DZTzHffhMegFwZbP%2FYdR6bIT1i8"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.wheeloffortunecheats.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 749fc496497a809f-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1 KB
2 KB 1020ms
268ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: ba8fb17078ed4ce106f6d13954d859546ca19e78b21338fd8d113c744206d7fb

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:37 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.wheeloffortunecheats.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1006 B
2 KB 1012ms
260ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: ae05f6a96540b6e8607bc23466939dbd972babf10403f1fd57d290b7ab9c1d0e

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:37 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.wheeloffortunecheats.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1000 B
2 KB 1023ms
267ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e59cf575f7203ec6d1dd5baf20ea5038898f5d8d1bc6a63217da212ce7f94700

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:37 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.wheeloffortunecheats.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 846 B
2 KB 1064ms
302ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 4850322fc47f56c582d28fc8490cb669f4603bf7f00020e7abba15edbbe18872

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:37 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.wheeloffortunecheats.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1 KB
2 KB 1110ms
328ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 229537d7b68d119c7de7405aed57ca1145310b9cf2a37e86efc06dc753f8fd23

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:37 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.wheeloffortunecheats.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 983 B
2 KB 1114ms
313ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: d1db1d74c915911182b91320b1f4c9cb305b67a5954e0bcea363eb314ac2a6a5

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:37 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.wheeloffortunecheats.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST v1
prg.smartadserver.com/prebid/ 0
0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
261 B 366ms
129ms XHR
application/json 52.77.152.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab017070f834caf8ed2e530038&pos=wof_dsk1_top_lb&cmd=bid&eidadserver.org=25fd5c9c-bab9-421b-969e-7f1456c58397&secure=1&us_privacy=1---
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 58da13e3e2a48d44eead1f3b3bd302c5916964dfe7494dc85f8417228494307d

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Sep 2022 09:13:37 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheeloffortunecheats.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
261 B 391ms
154ms XHR
application/json 52.77.152.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab017070f834caf8ed2e530038&pos=swshb_wof_dsk2_sidebar_top&cmd=bid&eidadserver.org=25fd5c9c-bab9-421b-969e-7f1456c58397&secure=1&us_privacy=1---
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: d6d5ee7f80e0dbe37702933eb6acfb8cbc455b2c9d2dbeec2298e5b48d93e4c3

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Sep 2022 09:13:37 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheeloffortunecheats.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
472 B 361ms
124ms XHR
application/json 52.77.152.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab017070f834caf8ed2e530038&pos=8a9698ef0175754ff4a1650087350454&cmd=bid&eidadserver.org=25fd5c9c-bab9-421b-969e-7f1456c58397&secure=1&us_privacy=1---
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 75c3c27288e75d0770575221ea4729bccb90a71fd7c169f022d55f29b4b52bae

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Sep 2022 09:13:37 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheeloffortunecheats.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
262 B 367ms
131ms XHR
application/json 52.77.152.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab017070f834caf8ed2e530038&pos=wof_dsk2_sidebar_sticky&cmd=bid&eidadserver.org=25fd5c9c-bab9-421b-969e-7f1456c58397&secure=1&us_privacy=1---
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: c571a8b2995d5c32a7e3ac48db3836f93261c037281ddff03a2a593f5b076fa1

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Sep 2022 09:13:37 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheeloffortunecheats.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
262 B 367ms
130ms XHR
application/json 52.77.152.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab017070f834caf8ed2e530038&pos=wof_dsk2_sidebar_sticky&cmd=bid&eidadserver.org=25fd5c9c-bab9-421b-969e-7f1456c58397&secure=1&us_privacy=1---
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: dd9aef615cdfe297f8f1d3f618bf063c588f79fe02486a8939daf5bd6c4803fd

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Sep 2022 09:13:37 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheeloffortunecheats.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
261 B 443ms
207ms XHR
application/json 52.77.152.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab017070f834caf8ed2e530038&pos=wof_dsk2_sidebar_sticky&cmd=bid&eidadserver.org=25fd5c9c-bab9-421b-969e-7f1456c58397&secure=1&us_privacy=1---
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 811352d3c8c2611bb28dfad7f26ff9d0a44e6c006cea3dca18524bbc83c8e1fc

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Sep 2022 09:13:37 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheeloffortunecheats.com
access-control-allow-credentials: true
content-length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 846 B
1 KB 263ms
104ms XHR
application/json 103.43.90.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8d40c1ab3a72d60f7cdc89dfb3a7e60bdb6c26d01ee2b34477f1d1c670902ad2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Sep 2022 09:13:37 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.252.181; 217.138.252.181; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: eeca247f-c5dd-41dc-8a58-6926b56d22eb
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.wheeloffortunecheats.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
425 B 1068ms
906ms XHR
application/json 139.99.49.250
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip250.ip-139-99-49.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
access-control-allow-headers: content-type, origin, referer, user-agent
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.wheeloffortunecheats.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 41

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame C6B7
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&dcc=t

335 B
1 KB

201ms
200ms

Document
text/html

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

a24c7bf53a125eebda09ddd5d0fad85a11874962f397926102830f9289743315

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.wheeloffortunecheats.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 335
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 13 Sep 2022 09:13:38 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 4VDCAX9X3KVXW881WY8Q

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 13 Sep 2022 09:13:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 0KFJTJGQND82DMD4FPJK

POST
H/1.1 200 364.json Show response
id5-sync.com/g/v2/ 456 B
1 KB 264ms
244ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/364.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

b7b6c4712b5e56be6158a10147537514ded56d75514cdd4ad9ac2a4e1e83dde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Sep 2022 09:13:36 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://www.wheeloffortunecheats.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

GET
H/1.1

200

822.gif
id5-sync.com/k/
Redirect Chain

https://id5-sync.com/i/364/8.gif?id5id=ID5*_Uowto1k3sQIlvaV0iFaiewv7Gtf5j00mRPdWyQ0L2Qi43XrLCKt01QoasORVgFr&o=api&gdpr_consent=undefined&gdpr=false
https://ib.adnxs.com/getuid?https://id5-sync.com/c/364/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/364/2/7/2.gif?puid=1768410491449595057&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOKmajPa-Ui2x1IydwSy2RkvjkQM0-EaCigzZSnQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F364%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/364/3/6/3.gif?puid=e1ab6320-49c2-4500-bafc-1591abdb9e7c&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=25fd5c9c-bab9-421b-969e-7f1456c58397&ttl=%%TTL%%
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F364%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F364%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
https://id5-sync.com/c/364/108/4/5.gif?puid=7114302c-62ab-4cdb-8257-e5609aa56b75&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/364/19/3/6.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/364/19/3/6.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
https://id5-sync.com/c/364/19/3/6.gif?puid=c2e41a70a8fc200273dbfe484af0260c&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAHJnk7GQJQAAA6MWOLTvQ
https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
https://id5-sync.com/k/285.gif?puid=L7ZZ8EOY-Y-DVIC&gdpr=0
https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent=
https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=2e1c4a9e79192262&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/822.gif?puid=AAAMSk6YfYiZSwMngkq_AAAAAAA&expiration=1663146820&is_secure=true&gdpr_consent=&gdpr=0

43 B
2 KB

259ms
258ms

Image
image/gif

141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/k/822.gif?puid=AAAMSk6YfYiZSwMngkq_AAAAAAA&expiration=1663146820&is_secure=true&gdpr_consent=&gdpr=0

Requested by

Host: www.wheeloffortunecheats.com
URL: https://www.wheeloffortunecheats.com/

Protocol

HTTP/1.1

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:40 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:40 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://id5-sync.com/k/822.gif?puid=AAAMSk6YfYiZSwMngkq_AAAAAAA&expiration=1663146820&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame D1E7 3 KB
3 KB 181ms
181ms Document
text/html 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

0f7243be102ec27af4b7a84ad9e13bfbd0d540b49ba25ff50c5e6e2163f8fd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 2657
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 13 Sep 2022 09:13:38 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: XKRNNM1A3J6TXM3MCD6S

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 239ms
119ms Script
application/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=www.wheeloffortunecheats.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 09:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 117ms
39ms Script
application/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wheeloffortunecheats.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 09:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
749 B 343ms
343ms XHR
text/plain 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4170612928635940&correlator=1110456003761341&eid=31069553&output=ldjh&gdfp_req=1&vrg=2022091201&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=22152718%3A15567680%2Csws-hb%2Cwheeloffortunecheats.com%2CWOF_Dsk1_Top_LB%2CWOF_Dsk2_Sidebar_Top%2Cwheeloffortunecheats_bottom_adhesive_desktop%2CWOF_desktop_incontent%2CWOF_Dsk2_Sidebar_Sticky&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2C%2F0%2F1%2F%2F2%2F%2F4%2C%2F0%2F5%2C%2F0%2F1%2F%2F2%2F%2F6%2C%2F0%2F1%2F%2F2%2F%2F7&prev_iu_szs=728x90%7C970x90%2C300x250%7C1x1%2C728x90%7C970x90%7C1x1%2C300x250%7C728x90%2C300x600%7C300x250%7C1x1&ifi=1&adks=1383926192%2C973634497%2C2940569243%2C75530165%2C133609985&sfv=1-0-38&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%26sn_adngin%3D1%26sn_cr%3Dnone%26sn_ic%3D1%26sn_adx%3D1%26sn_rm%3D0%26sn_pd%3D0%26sn_tam%3D1%26amznt%3D354%26_adngin_ba%3Dfalse%7Camznbid%3D2%26amznp%3D2%26sn_adngin%3D1%26sn_cr%3Dnone%26sn_ic%3D1%26sn_adx%3D1%26sn_rm%3D0%26sn_pd%3D0%26sn_tam%3D1%26amznt%3D354%26_adngin_ba%3Dfalse%7Camznbid%3D2%26amznp%3D2%26sn_adngin%3D1%26sn_cr%3Dnone%26sn_ic%3D1%26sn_adx%3D1%26sn_rm%3D0%26sn_pd%3D0%26sn_tam%3D1%26amznt%3D354%26sn_stk%3Dbottom%26_adngin_ba%3Dfalse%7Camznbid%3D2%26amznp%3D2%26sn_adngin%3D1%26sn_cr%3Dnone%26sn_ic%3D1%26sn_adx%3D1%26sn_rm%3D0%26sn_pd%3D0%26sn_tam%3D1%26amznt%3D354%26_adngin_ba%3Dfalse%7Camznbid%3D2%26amznp%3D2%26sn_adngin%3D1%26sn_cr%3Dnone%26sn_ic%3D1%26sn_adx%3D1%26sn_rm%3D0%26sn_pd%3D0%26sn_tam%3D1%26amznt%3D354%26sn_stk%3Dvertical%26_adngin_ba%3Dfalse&eri=1&cust_params=sn_ct1%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1663060418266&lmt=1663060418&dlt=1663060416417&idt=244&adxs=657%2C1019%2C436%2C230%2C1057&adys=20%2C294%2C1295%2C1230%2C594&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wheeloffortunecheats.com%2F&frm=20&vis=1&psz=728x-1%7C360x49%7C1600x-1%7C768x0%7C345x600&msz=728x-1%7C360x0%7C1600x-1%7C768x0%7C300x0&fws=512%2C0%2C512%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1243412334.1663060417&ga_sid=1663060418&ga_hid=322267866&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069553

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

328c27449f4ae26ee462212c56e3c7ce2642a1c4279cdd52ec6092d3dfea9f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 719
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wheeloffortunecheats.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a68679edec791171cd3a7410944b51dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 95F6 6 KB
4 KB 255ms
38ms Document
text/html 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a68679edec791171cd3a7410944b51dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wheeloffortunecheats.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 09:13:38 GMT
expires: Wed, 13 Sep 2023 09:13:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amzns2s Show response
rtb.gumgum.com/usync/ Frame E2C2 4 KB
2 KB 16ms
4ms Document
text/html 13.112.124.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.124.88 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-124-88.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a83d4325be9f77a26646e363b991627b2d06c8cc7ca51209ac9751e922ab5da3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 13 Sep 2022 09:13:38 GMT
etag: W/"0358cc0f4e73976b7c7512761b2473990"
server: nginx
timing-allow-origin: *

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 28D5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1

2 KB
1 KB

272ms
261ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 230b0a845fb99d764378ce0d00ad6e5e5553bdae634d068127e8f305f43f1424

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 749fc49faa4b1f57-NRT
content-encoding: br
content-type: text/html
date: Tue, 13 Sep 2022 09:13:38 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgIhpJ6QM8Afs4SmS2sXlekHZoknXj1MneR60bUdaDCwifuRpzK2f1hxVUlEITN62qniQ%2BoCW0DMkFtm%2BbSZsyTgN%2FEDu245i3Sv%2B2xmERcIq9jJDdr7Fd6jjHMxVLe5KD9Z3MXkzpvAYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 749fc49efbfb8a4b-NRT
content-length: 0
date: Tue, 13 Sep 2022 09:13:38 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOkj87y5ow5Vz8%2BkGyU0RFddm18wq6do6R9VuajguhIYUp66PjYY3LEBeytEhqnOsT44kl3j5D6rtNnaACqIb5KSMYLxkkq6mIMSGWA3jtdP4y34xGfZuLpYO4tAwH0rcHBqCPqNM3ayhg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
match.sharethrough.com/jwumXNuB/v1/ Frame 7F5B 427 B
612 B 398ms
68ms Document
text/html 54.255.75.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.75.208 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-75-208.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 4404ff409765a97094b98fc1a3dc1d9f194a3f70afc67548e6067f00162a6b24

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-length: 427
date: Tue, 13 Sep 2022 09:13:38 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 51AF 15 KB
6 KB 15ms
3ms Document
text/html 23.44.52.240
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-240.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=30300
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 13 Sep 2022 09:13:38 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 13 Sep 2022 17:38:38 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 tamptsync Show response
sync-amz.ads.yieldmo.com/ Frame DD6F 872 B
735 B 369ms
69ms Document
text/html 52.220.183.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.220.183.187 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-220-183-187.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e64e175d25543787ff83c02f7d8bb636b0cedf48e38291f11becc5363eaefb56

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Tue, 13 Sep 2022 09:13:38 GMT
pragma: no-cache
vary: accept-encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5062 281 B
573 B 11ms
2ms Document
text/html 104.88.208.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.208.33 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-88-208-33.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Sep 2022 09:13:38 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame A0A8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1NMHJRMDg1RTJ1TFBONXpBdE1zVzRUWHBqZjNwbkZBZ35B&gdpr=0&gdpr_consent=

43 B
479 B

327ms
184ms

Document
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1NMHJRMDg1RTJ1TFBONXpBdE1zVzRUWHBqZjNwbkZBZ35B&gdpr=0&gdpr_consent=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 13 Sep 2022 09:13:38 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 214YMJAV3V2YJMNW9QP8

Redirect headers

age: 0
content-length: 0
date: Tue, 13 Sep 2022 09:13:38 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1NMHJRMDg1RTJ1TFBONXpBdE1zVzRUWHBqZjNwbkZBZ35B&gdpr=0&gdpr_consent=
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 5020
Redirect Chain

https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1872231576753694999&gdpr=0&gdpr_consent=

43 B
479 B

203ms
183ms

Document
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1872231576753694999&gdpr=0&gdpr_consent=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 13 Sep 2022 09:13:38 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: KN58SHW4Q4MSHSNPRHMJ

Redirect headers

content-length: 0
date: Tue, 13 Sep 2022 09:13:38 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1872231576753694999&gdpr=0&gdpr_consent=

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 5502
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
https://s.amazon-adsystem.com/ecm3?id=1768410491449595057&ex=appnexus.com&gdpr=0

43 B
479 B

184ms
184ms

Document
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=1768410491449595057&ex=appnexus.com&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 13 Sep 2022 09:13:38 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: SJDBVHJER2V34WD0S956

Redirect headers

AN-X-Request-Uuid: a9388cbe-27fc-44ec-ae06-527b0561e4e4
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Sep 2022 09:13:38 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://s.amazon-adsystem.com/ecm3?id=1768410491449595057&ex=appnexus.com&gdpr=0
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 217.138.252.181; 217.138.252.181; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 7A78
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3653888948030760734942

43 B
479 B

296ms
183ms

Document
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3653888948030760734942

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 13 Sep 2022 09:13:38 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 882PYVJS8G113TSJMN8A

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 13 Sep 2022 09:13:38 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3653888948030760734942
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5062 32 KB
10 KB 5ms
5ms Script
text/html 104.88.208.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.208.33 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-88-208-33.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: eb940c1d146aea06f890f0efc054b9ecf1cf1c256020934f573b72de8d6b3f9b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 09:13:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 16:22:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=71355
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9451
Expires: Wed, 14 Sep 2022 05:02:53 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E2C2
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=1768410491449595057

35 B
250 B

7ms
7ms

Image
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=1768410491449595057
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:38 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:38 GMT
X-Proxy-Origin: 217.138.252.181; 217.138.252.181; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9cc602f3-752e-4ab5-ae1a-69cec2f27af3
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://usersync.gumgum.com/usersync?b=apn&i=1768410491449595057
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E2C2
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_06a18e43-6b9f-42b8-9128-13044e4fe553&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_06a18e43-6b9f-42b8-9128-13044e4fe553&gdpr=0&gdpr_consent=&us_privacy=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=70f53b07-e2bb-49b5-b089-ad9bf93585cd&ssp=gumgum2
https://usersync.gumgum.com/usersync?b=bsw&i=df040c0e-c214-4361-b88e-07a2545f0bc2

35 B
250 B

13ms
13ms

Image
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=df040c0e-c214-4361-b88e-07a2545f0bc2
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: //usersync.gumgum.com/usersync?b=bsw&i=df040c0e-c214-4361-b88e-07a2545f0bc2
Date: Tue, 13 Sep 2022 09:13:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E2C2
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-f95e373f-4ce4-433e-4f49-8780759f5850$ip$217.138.252.181

35 B
250 B

8ms
8ms

Image
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-f95e373f-4ce4-433e-4f49-8780759f5850$ip$217.138.252.181
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-f95e373f-4ce4-433e-4f49-8780759f5850$ip$217.138.252.181
Date: Tue, 13 Sep 2022 09:13:39 GMT
Connection: keep-alive
Content-Length: 129
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E2C2
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=a_06a18e43-6b9f-42b8-9128-13044e4fe553&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=rkaFR0Z_FBAg47MKA8bZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24TLMFDFEMC2L5DEEQLHGQ3U2S2BHBRFU
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=rkaFR0Z_FBAg47MKA8bZ

35 B
250 B

8ms
7ms

Image
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=rkaFR0Z_FBAg47MKA8bZ
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
P3p: CP="We do not support P3P header."
Location: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=rkaFR0Z_FBAg47MKA8bZ
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 103
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E2C2
Redirect Chain

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1663060418598
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3916562780
https://sync.1rx.io/usersync/tradedesk/25fd5c9c-bab9-421b-969e-7f1456c58397
https://sync.targeting.unrulymedia.com/csync/RX-93c9eb9f-521f-4010-8e39-3c733d582855-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-93c9eb9f-521f-4010-8e39-3c733d582855-004
https://usersync.gumgum.com/usersync?b=rhy&i=RX-93c9eb9f-521f-4010-8e39-3c733d582855-004

35 B
250 B

8ms
8ms

Image
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=rhy&i=RX-93c9eb9f-521f-4010-8e39-3c733d582855-004
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=rhy&i=RX-93c9eb9f-521f-4010-8e39-3c733d582855-004
date: Tue, 13 Sep 2022 09:13:38 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX93c9eb9f521f40108e393c733d582855004
content-type: text/html

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E2C2
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=FJ3M9HeJyZS9&ev=1&pid=558355

35 B
250 B

9ms
8ms

Image
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=FJ3M9HeJyZS9&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: jp-JP
location: https://usersync.gumgum.com/usersync?b=pln&i=FJ3M9HeJyZS9&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-757659594-ffpld
expires: -1

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E2C2
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28eJVgvr9nk0i8ODoDLsSlYJUIlcTdXYBB6enMsa3-VJpvtUoqAI8i5hI2veeRwbFV%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_06a18e43-6b9f-42b8-9128-13044e4fe553&obuid=ENC(eJVgvr9nk0i8ODoDLsSlYJUIlcTdXYBB6enMsa3-VJpvtUoqAI8i5hI2veeRwbFV)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5...
https://sync.outbrain.com/cookie-sync?p=smart&uid=1872231576753694999&obUid=eJVgvr9nk0i8ODoDLsSlYJUIlcTdXYBB6enMsa3-VJpvtUoqAI8i5hI2veeRwbFV&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING

0
145 B

110ms
109ms

Image
text/plain

38.133.127.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=smart&uid=1872231576753694999&obUid=eJVgvr9nk0i8ODoDLsSlYJUIlcTdXYBB6enMsa3-VJpvtUoqAI8i5hI2veeRwbFV&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 38.133.127.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 09:13:39 GMT
Cache-Control: no-cache
X-TraceId: e45e7f0d67fcd3ffb758976c6e02c6e3
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=smart&uid=1872231576753694999&obUid=eJVgvr9nk0i8ODoDLsSlYJUIlcTdXYBB6enMsa3-VJpvtUoqAI8i5hI2veeRwbFV&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
date: Tue, 13 Sep 2022 09:13:38 GMT
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E2C2
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=d017cf44-d1ed-4e09-83ca-3e1a599f7bc4

35 B
250 B

8ms
6ms

Image
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=d017cf44-d1ed-4e09-83ca-3e1a599f7bc4
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:38 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Tue, 13 Sep 2022 09:13:38 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usersync.gumgum.com/usersync?b=opx&i=d017cf44-d1ed-4e09-83ca-3e1a599f7bc4
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E2C2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-23h_F.VE2pfVz7CPZw0EBOyOrLs0hKUscvQJ~A

35 B
250 B

8ms
8ms

Image
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-23h_F.VE2pfVz7CPZw0EBOyOrLs0hKUscvQJ~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:38 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Tue, 13 Sep 2022 09:13:38 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-23h_F.VE2pfVz7CPZw0EBOyOrLs0hKUscvQJ~A
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E2C2
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
https://usersync.gumgum.com/usersync?b=vnt&i=1d58c054-8259-45b6-9473-c853ef54acc3

35 B
250 B

8ms
7ms

Image
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=1d58c054-8259-45b6-9473-c853ef54acc3
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=1d58c054-8259-45b6-9473-c853ef54acc3
Date: Tue, 13 Sep 2022 09:13:39 GMT
X-CI-RTID: a720e0d3-c7fb-42a1-9de5-875e268893d2
Connection: keep-alive
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 204 services
sync.technoratimedia.com/ Frame E2C2 0
294 B 590ms
180ms Image
text/plain 141.148.45.191
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.148.45.191 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:39 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 809168418
access-control-allow-origin: https://rtb.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame E2C2 0
44 B 540ms
170ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:38 GMT
content-length: 0
server: b

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E2C2
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=85cadfbf-e647-43b4-aa6d-e7a5a1bc107b

35 B
250 B

7ms
7ms

Image
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=85cadfbf-e647-43b4-aa6d-e7a5a1bc107b
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=85cadfbf-e647-43b4-aa6d-e7a5a1bc107b
date: Tue, 13 Sep 2022 09:13:38 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E2C2
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=1872231576753694999

35 B
250 B

8ms
7ms

Image
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=1872231576753694999
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=1872231576753694999
date: Tue, 13 Sep 2022 09:13:39 GMT
content-length: 0

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame E2C2 43 B
479 B 292ms
183ms Image
image/gif 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=a_06a18e43-6b9f-42b8-9128-13044e4fe553

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 2SZCD49KBG3GSDN04NHZ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 7495
Redirect Chain

https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
https://usersync.gumgum.com/usersync?b=inm&i=ID5-ZHMOKmajPa-Ui2x1IydwSy2RkvjkQM0-EaCigzZSnQ

35 B
250 B

8ms
7ms

Document
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=inm&i=ID5-ZHMOKmajPa-Ui2x1IydwSy2RkvjkQM0-EaCigzZSnQ
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 13 Sep 2022 09:13:39 GMT
Expires: 0
Pragma: no-cache

Redirect headers

date: Tue, 13 Sep 2022 09:13:39 GMT
location: https://usersync.gumgum.com/usersync?b=inm&i=ID5-ZHMOKmajPa-Ui2x1IydwSy2RkvjkQM0-EaCigzZSnQ
p3p: CP="CAO PSA OUR"
strict-transport-security: max-age=63072000; includeSubDomains; preload
transfer-encoding: chunked
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3A11 15 KB
6 KB 5ms
4ms Document
text/html 23.44.52.240
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-240.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=30300
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 13 Sep 2022 09:13:38 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 13 Sep 2022 17:38:38 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame C0AA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=ttd&i=25fd5c9c-bab9-421b-969e-7f1456c58397

35 B
250 B

85ms
10ms

Document
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=ttd&i=25fd5c9c-bab9-421b-969e-7f1456c58397
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 13 Sep 2022 09:13:38 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: private,no-cache, must-revalidate
content-length: 193
content-type: text/html
date: Tue, 13 Sep 2022 09:13:38 GMT
location: https://usersync.gumgum.com/usersync?b=ttd&i=25fd5c9c-bab9-421b-969e-7f1456c58397
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 44A3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=90566320-49c2-4600-98d3-6e912e83b4f8&gdpr=0&gdpr_consent=

35 B
250 B

7ms
7ms

Document
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=90566320-49c2-4600-98d3-6e912e83b4f8&gdpr=0&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 13 Sep 2022 09:13:38 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Tue, 13 Sep 2022 09:13:38 GMT
Expires: Tue, 13 Sep 2022 09:13:37 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4505 5b23575 master hkg-pixel-x17 config:1.0.0
location: https://usersync.gumgum.com/usersync?b=mmh&i=90566320-49c2-4600-98d3-6e912e83b4f8&gdpr=0&gdpr_consent=

GET
H2 503 URnmbSKM Show response
sync-tm.everesttech.net/upi/pid/ Frame 5493 0
177 B 19ms
2ms Document
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Tue, 13 Sep 2022 09:13:38 GMT
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-tyo11948-TYO
x-timer: S1663060418.438620,VS0,VE0

GET
H3

200

pixel Show response
cm.g.doubleclick.net/ Frame 873E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8wNmExOGU0My02YjlmLTQyYjgtOTEyOC0xMzA0NGU0ZmU1NTM=&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8wNmExOGU0My02YjlmLTQyYjgtOTEyOC0xMzA0NGU0ZmU1NTM=&gdpr=0&gdpr_consent=&google_tc=

170 B
188 B

76ms
40ms

Document
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8wNmExOGU0My02YjlmLTQyYjgtOTEyOC0xMzA0NGU0ZmU1NTM=&gdpr=0&gdpr_consent=&google_tc=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 09:13:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 364
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 09:13:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8wNmExOGU0My02YjlmLTQyYjgtOTEyOC0xMzA0NGU0ZmU1NTM=&gdpr=0&gdpr_consent=&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 um Show response
cs.emxdgt.com/ Frame 7E06 0
67 B 544ms
177ms Document
text/plain 52.55.123.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.123.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-123-47.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 13 Sep 2022 09:13:38 GMT
server: awselb/2.0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame AE3C
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=YyBJwsCo5r8AAK91HPEAAAAA

35 B
250 B

6ms
6ms

Document
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=YyBJwsCo5r8AAK91HPEAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 13 Sep 2022 09:13:38 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Tue, 13 Sep 2022 09:13:38 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=YyBJwsCo5r8AAK91HPEAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 48
X-SO-HostName: a-ad40054.dc2p.scaleout.jp
X-SO-IP: 217.138.252.181
X-SO-Key: YyBJwsCo5r8AAK91HPEAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":48,"gdpr":false,"ipv4":"217.138.252.181","key":"YyBJwsCo5r8AAK91HPEAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40054"}
X-SO-LB-Hostname: a-tgng40001.dc2p.scaleout.jp
X-SO-Upstream-ID: a-ad40054

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame CFDB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
https://usersync.gumgum.com/usersync?b=iex&i=YyBJwqqwyxKGsZ9oGbA8RAAA%264705

35 B
250 B

9ms
9ms

Document
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=iex&i=YyBJwqqwyxKGsZ9oGbA8RAAA%264705
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 13 Sep 2022 09:13:38 GMT
Expires: 0
Pragma: no-cache

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 749fc49fba5b1f57-NRT
content-length: 0
date: Tue, 13 Sep 2022 09:13:38 GMT
expires: 0
location: https://usersync.gumgum.com/usersync?b=iex&i=YyBJwqqwyxKGsZ9oGbA8RAAA%264705
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2Ft6NAm0v9E7jwq205ivDbeMYaPk4uIvnHwTNkDzRz2GtA1o0HSOxVnMfU4dsb6KDIEA2X56Q8c7EDid2UPP3s1gSAYOi5sII16b2IXEiNZ28cBCnkT0R%2BR26OBFf3GD3JPNhoCdFU0CdA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 51EA
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=5lN59A0FPbYGBtwsd71P&pi=gumgum&tc=1

35 B
250 B

7ms
6ms

Document
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=5lN59A0FPbYGBtwsd71P&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 13 Sep 2022 09:13:39 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Tue, 13 Sep 2022 09:13:39 GMT Tue, 13 Sep 2022 09:13:39 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=5lN59A0FPbYGBtwsd71P&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame BB81
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
573 B

3ms
2ms

Document
text/html

104.88.208.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.208.33 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-88-208-33.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Sep 2022 09:13:38 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 13 Sep 2022 09:13:38 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 51AF 0
42 B 13ms
2ms Script
text/plain 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=90070347&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:38 GMT
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 5062
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=L7ZZ8EOY-Y-DVIC
https://s.amazon-adsystem.com/ecm3?id=L7ZZ8EOY-Y-DVIC&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---

43 B
479 B

220ms
183ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=L7ZZ8EOY-Y-DVIC&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: HSR0FSNB0SPK9HG97M7Z
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?id=L7ZZ8EOY-Y-DVIC&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: ace9692b4e77bdf741ff63add80edaca
Expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BB81 32 KB
10 KB 3ms
2ms Script
text/html 104.88.208.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.208.33 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-88-208-33.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: eb940c1d146aea06f890f0efc054b9ecf1cf1c256020934f573b72de8d6b3f9b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 09:13:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 16:22:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=71355
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9451
Expires: Wed, 14 Sep 2022 05:02:53 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BB81
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=L7ZZ8EOY-Y-DVIC
https://usersync.gumgum.com/usersync?b=mag&i=L7ZZ8EOY-Y-DVIC&gdpr=0&gdpr_consent=undefined&us_privacy=1---

35 B
250 B

8ms
8ms

Image
image/gif

13.112.54.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=mag&i=L7ZZ8EOY-Y-DVIC&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:38 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://usersync.gumgum.com/usersync?b=mag&i=L7ZZ8EOY-Y-DVIC&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Expires: 0

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 5062 43 B
855 B 1092ms
321ms Image
image/gif 52.94.220.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 2QB882KPCASJ7P7DKZFR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5062
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDZmMDIyOTlkMGM5NTRmMGM4YmUxYmU0MTc2ZmU5NTBiODdhZWVmOA&gdpr=0&us_privacy=1---

170 B
188 B

44ms
40ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDZmMDIyOTlkMGM5NTRmMGM4YmUxYmU0MTc2ZmU5NTBiODdhZWVmOA&gdpr=0&us_privacy=1---

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDZmMDIyOTlkMGM5NTRmMGM4YmUxYmU0MTc2ZmU5NTBiODdhZWVmOA&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 5062
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=&expires=30

42 B
710 B

442ms
112ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 5062
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/6oBeswgSO8Mr82Jf6Tg0lg?csrc=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6840844656041498326

42 B
710 B

110ms
110ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6840844656041498326
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

date: Tue, 13 Sep 2022 09:13:39 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6840844656041498326
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5062
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdaWjhFT1ktWS1EVklD&gdpr=0&us_privacy=1---

170 B
188 B

41ms
39ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdaWjhFT1ktWS1EVklD&gdpr=0&us_privacy=1---

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdaWjhFT1ktWS1EVklD&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 5062
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7ZZ8EOY-Y-DVIC&gdpr=0&us_privacy=1---

0
573 B

197ms
178ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7ZZ8EOY-Y-DVIC&gdpr=0&us_privacy=1---
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:39 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9B4ED0A11F64419ABDBD95D426AFE463 Ref B: TYO01EDGE3205 Ref C: 2022-09-13T09:13:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXoi22FRxzS5wS3HvJLtg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7ZZ8EOY-Y-DVIC&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 5062
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=r3v35yYlSS-dWvk77BA-Hg&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=r3v35yYlSS-dWvk77BA-Hg&gdpr=0

43 B
479 B

208ms
184ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=r3v35yYlSS-dWvk77BA-Hg&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: Q8CZK0TB6498DT5ANE9S
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=r3v35yYlSS-dWvk77BA-Hg&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 5062
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEG1C_RPWjAWbobPl9EDcUnU&google_cver=1

42 B
710 B

425ms
106ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEG1C_RPWjAWbobPl9EDcUnU&google_cver=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEG1C_RPWjAWbobPl9EDcUnU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame DD6F 43 B
479 B 422ms
182ms Image
image/gif 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g510932567338b737da6&gdpr=0

Requested by

Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: KJSV27TWRGXR95N1FYCJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sync
ads.yieldmo.com/ Frame DD6F
Redirect Chain

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=yieldmo
https://ads.yieldmo.com/sync?pn_id=rc&id=L7ZZ8EOY-Y-DVIC

43 B
438 B

69ms
69ms

Image
image/gif

52.74.163.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/sync?pn_id=rc&id=L7ZZ8EOY-Y-DVIC
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 52.74.163.173 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-163-173.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 13 Sep 2022 09:13:39 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://ads.yieldmo.com/sync?pn_id=rc&id=L7ZZ8EOY-Y-DVIC
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 548ddf114c6f6bfbb66a4cdeb6a219f4
Expires: 0

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame DD6F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=gc631747aaf11d48c19e
https://ads.yieldmo.com/v000/sync?tdid=25fd5c9c-bab9-421b-969e-7f1456c58397

43 B
336 B

320ms
69ms

Image
image/gif

52.74.163.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?tdid=25fd5c9c-bab9-421b-969e-7f1456c58397
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 52.74.163.173 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-163-173.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 13 Sep 2022 09:13:39 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ads.yieldmo.com/v000/sync?tdid=25fd5c9c-bab9-421b-969e-7f1456c58397
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 181

GET
H2

200

sync
ads.yieldmo.com/ Frame DD6F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=21
https://ads.yieldmo.com/sync?pn_id=stk&userid=5SMUdNX2Tq1yL4zNIXPZwNmK_LU&gdpr=&gdpr_consent=

43 B
665 B

71ms
70ms

Image
image/gif

52.74.163.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/sync?pn_id=stk&userid=5SMUdNX2Tq1yL4zNIXPZwNmK_LU&gdpr=&gdpr_consent=
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 52.74.163.173 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-163-173.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 13 Sep 2022 09:13:39 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

Redirect headers

Location: https://ads.yieldmo.com/sync?pn_id=stk&userid=5SMUdNX2Tq1yL4zNIXPZwNmK_LU&gdpr=&gdpr_consent=
Date: Tue, 13 Sep 2022 09:13:39 GMT
Connection: keep-alive
Content-Length: 128
Content-Type: text/html; charset=utf-8

GET
H2

200

sync
ads.yieldmo.com/ Frame DD6F
Redirect Chain

https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=17f59bc9ea321af6&is_secure=true&networkId=42851&version=1
https://ads.yieldmo.com/sync?pn_id=eps&id=AAALfPXNSGTG7QNWbEVUAAAAAAA&expiration=1663146819&is_secure=true

43 B
551 B

71ms
70ms

Image
image/gif

52.74.163.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/sync?pn_id=eps&id=AAALfPXNSGTG7QNWbEVUAAAAAAA&expiration=1663146819&is_secure=true
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 52.74.163.173 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-163-173.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 13 Sep 2022 09:13:39 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:39 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://ads.yieldmo.com/sync?pn_id=eps&id=AAALfPXNSGTG7QNWbEVUAAAAAAA&expiration=1663146819&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame DD6F 43 B
235 B 68ms
5ms Image
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=yieldmo
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 09:13:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 28D5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyBJwrLsyE8QionNFyTJWwAAEl4AAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED6DRZU6Gg4d18MHPwst-DQ&google_cver=1

43 B
843 B

101ms
100ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED6DRZU6Gg4d18MHPwst-DQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749fc4a1ec371f57-NRT
pragma: no-cache
date: Tue, 13 Sep 2022 09:13:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkmRDOa8ndAibH8Hn9mFezY4pqhun39PyPL7Ty4FOCG1tw9%2BndM3B%2FJpxlrd7qWDsaXsxUp4hi3wdQXgPBjFJdtasMdvKZdiWg1IHg7kjM8wvkE4DXSlgg%2FocFrSu67KDcKxhKF5lqGfGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED6DRZU6Gg4d18MHPwst-DQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 28D5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyBJwrLsyE8QionNFyTJWwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFP27zG9M7J2DFeN0h8Otn8&google_cver=1

43 B
848 B

128ms
126ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFP27zG9M7J2DFeN0h8Otn8&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749fc4a49a6c34ff-NRT
pragma: no-cache
date: Tue, 13 Sep 2022 09:13:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rs7kR8ijCTIlxiWVn%2FAApLawgMWOgzaAIM%2BzGTNZ8F4RUJUyFemu1U6I7Ic%2F6yFAW4jt%2Bu4YXhNbTxz%2FuBcwJNfwfJZtmJ5SkMwPgFbG9h1Kzqx3VKKbfZfo2OD2BqTb%2BlUDVviatGWsFA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFP27zG9M7J2DFeN0h8Otn8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 28D5 43 B
855 B 437ms
180ms Image
image/gif 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyBJwrLsyE8QionNFyTJWwAAEl4AAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: WT5TR8NXFGESX1NAZ572
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 28D5
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&expiration=1665652418&gdpr=0&gdpr_consent=

43 B
885 B

272ms
93ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&expiration=1665652418&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: H2
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749fc4a2caa08a63-NRT
pragma: no-cache
date: Tue, 13 Sep 2022 09:13:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPiYz6aZ4v6obJwDlwi5M%2FsMlTBpmN30j8PmeQJyx12S6BCEcdGkaEEL5ffZX965qOTuLU1r%2BgzvP%2Ba%2FJJ%2B5WHfHFwc7h4TL12NdUgG3U3x%2FU3c7MiDpLLIobZwltcazuNMdbLFhMRhlCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&expiration=1665652418&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H2

200

YyBJwrLsyE8QionNFyTJWwAAEl4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 28D5
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YyBJwrLsyE8QionNFyTJWwAAEl4AAAIB&gdpr_consent=&us_privacy=&gdpr=
https://pr-bh.ybp.yahoo.com/sync/casale/YyBJwrLsyE8QionNFyTJWwAAEl4AAAIB

43 B
1 KB

74ms
74ms

Image
image/gif

2406:da18:929:5a00:9a2c:8e82:ae9c:de5c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YyBJwrLsyE8QionNFyTJWwAAEl4AAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1

Protocol

Server

2406:da18:929:5a00:9a2c:8e82:ae9c:de5c Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:38 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 43
x-content-type-options: nosniff

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/YyBJwrLsyE8QionNFyTJWwAAEl4AAAIB
date: Tue, 13 Sep 2022 09:13:38 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 28D5
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=BdXaRgffi0Ue19FAAoLFQVCC2BAe3o5BANYRueB3

43 B
875 B

154ms
149ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=BdXaRgffi0Ue19FAAoLFQVCC2BAe3o5BANYRueB3
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749fc4a3a98f34ff-NRT
pragma: no-cache
date: Tue, 13 Sep 2022 09:13:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZmuwkNhRKFssxOtmeE36V4zM623haGmTIEGqN0xZpJTjSUOoBxppgGmhuta2bkdoicLTuQ1MvqxCf8c6jS%2BUHOpyoPjeSLsO9YKUIf4XstfYVomYzZbnPrMb9VIlYDUFR4bj3v80dSE2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=BdXaRgffi0Ue19FAAoLFQVCC2BAe3o5BANYRueB3
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 28D5
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=793f1314-115f-4324-9df8-065b48a20f9e&us_privacy=null&gdpr_consent=null&gdpr=null

43 B
421 B

247ms
246ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=793f1314-115f-4324-9df8-065b48a20f9e&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: H2
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749fc4a33b228a63-NRT
pragma: no-cache
date: Tue, 13 Sep 2022 09:13:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDwi64YhMwawRk0XdHwlyMkOejgiNbHsfiny80GG3vIkdHfqa%2F3eF2%2Fy9p1UyZZKSYsy5F0et3CMW9MAh7NcFCPq9qLTZKpkoMa8YA4fKjaVTCZvIwnXoxvJW9WL%2F2kT6%2BSEfML%2FhQOihQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=793f1314-115f-4324-9df8-065b48a20f9e&us_privacy=null&gdpr_consent=null&gdpr=null
date: Tue, 13 Sep 2022 09:13:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749fc4a1ab54afee-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 28D5
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
https://stags.bluekai.com/site/23178?id=JREQaHfK3z08cTJ-9gIN&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SSSIVIWC...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=JREQaHfK3z08cTJ-9gIN

43 B
841 B

115ms
115ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=JREQaHfK3z08cTJ-9gIN
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749fc4a61c6634ff-NRT
pragma: no-cache
date: Tue, 13 Sep 2022 09:13:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVC3cWDLUx%2BWPZ7uWs5Bhz36OIKLI0MFWRPeuEzcLfTrHtwSoW7C8ockiahhcXgK01GmGsnV6GvhYV6Mjn5iYOFjjTAh9h8S0i1uWyDdnhb8hBP816wkWsi9VwUqHmgbYVO85C1pGTFPAw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
P3p: CP="We do not support P3P header."
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=JREQaHfK3z08cTJ-9gIN
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 115
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 28D5 43 B
479 B 443ms
181ms Image
image/gif 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YyBJwrLsyE8QionNFyTJWwAAEl4AAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 8WTHYMN49VKZ13XGNGG4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 7F5B 43 B
479 B 405ms
179ms Image
image/gif 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=7f014d33-82f2-439b-b618-ee5b117602a1

Requested by

Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 09:13:39 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 3XZJ9MZ0HHPNZ0233F8B
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 7F5B
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=

68 B
279 B

71ms
69ms

Image
image/png

54.255.75.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 54.255.75.208 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-75-208.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:38 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H2

204

pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7F5B
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=

0
191 B

750ms
250ms

Image
text/plain

66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:38 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=
date: Tue, 13 Sep 2022 09:13:38 GMT
content-length: 0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 7F5B
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=

68 B
279 B

73ms
70ms

Image
image/png

54.255.75.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 54.255.75.208 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-75-208.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:38 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 7F5B
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=

68 B
279 B

74ms
72ms

Image
image/png

54.255.75.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 54.255.75.208 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-75-208.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:38 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 09:13:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=25fd5c9c-bab9-421b-969e-7f1456c58397&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

POST
H2 200 auction Show response
argus-fra1.snigelweb.com/ingress/v1/ 0
94 B 278ms
259ms XHR
text/plain 2606:4700:10::6816:184a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://argus-fra1.snigelweb.com/ingress/v1/auction?id=2529996716
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/argus/argus.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:184a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheeloffortunecheats.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 13 Sep 2022 09:13:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749fc4a39902b00f-NRT
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 101ms
52ms XHR
application/json 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a273d77e4d1243d36185c10ab9061f9d743bd402514df099942caa8e4716357f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 09:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11067
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 138ms
51ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091201.js?cb=31069553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 09:13:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3BD5 13 KB
5 KB 48ms
4ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wheeloffortunecheats.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 2284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 08:35:37 GMT
expires: Wed, 13 Sep 2023 08:35:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C687 783 B
1 KB 100ms
43ms Document
text/html 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

77dbd77226dff37c26037b9cccc9d05ed316d07ac63a683faaedc16dca3fda2a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_BwGS0Ghra1ieBLn3E2F9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wheeloffortunecheats.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-_BwGS0Ghra1ieBLn3E2F9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 09:13:41 GMT
expires: Tue, 13 Sep 2022 09:13:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js Show response
pagead2.googlesyndication.com/bg/ Frame 3BD5 36 KB
16 KB 43ms
3ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 20:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 564993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15893
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Sep 2023 20:17:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C687 0
0 51ms
40ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091201&jk=4170612928635940&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3BD5 0
10 B 3ms
2ms Image
text/plain 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Uj9-6g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:13:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 40ms
39ms Image
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091201&jk=4170612928635940&bg=!sLOls_fNAAZTikH4c4o7ACkAdvg8Wu-63NocQ4EGilRxaGqI3TjRnbOzMOy5JqTCcktWcWOq-3SOUwIAAABJUgAAAAdoAQeZAv2SkQ5N50Vt4RHa1k4mwinXQfN8e5FZbvA0827faqe6opUzB3-EPHiMQ65WgdU4kZoF4x1uYWpWIF2ygjDPyLqwXpGCgVZsSVIgSxR-E9Ig7fT7nNvwiQ0xboJAE38khYGfgeEHrOyhYFuK7PrWpt5pZQWd1ouOyATnVhmTW0t-iJW2Bf4BmQFOEpr6OEq8ahI4t_Qigsc8fmKWw43AXIt65noCQNVs0hmGnwS-tlsamIkO1YPwuZ5VMlpzNRnrj0_n9eCKm1vP_5oRihf15D1NqvFFNxjbMo-x449e_94pSgG-aM1eavSL3ZwGSKNQEWD7kqnDcbWg2R2abI55E5EplaIBxPqb--ZdZZLledD_AAnnYgTLquhIFUCqx8aVq-zqsvvymEzcnOAPFwvvfw_wbFnlI5HNxgqPhabi3m6dBamaLwhSOs86tBA1X8L_KQY4zQQ5HPUlW-87mIi3aP6dg7ywux6o2PgYzxMFFg8l3OCcAdKG9FEyaj_GiIVdueI2KRaB1c4W28J76zPsVQxOnEUtPPNNCoFLM-DUzahaGYnYYq8FuIUB9ERUOCNRehl0mOYxvHsKt3P2Efk744Bn4A_1THT2bUQbPdBMNTwqHRPg869Vk0rurocaSa3Ep8lAYhOw-sDPRG6bSO_jiNLgGAPvL2Igcw5T-5D0ZFY2OeLB7SL_WfO3pmEMXyEzQYIhXy92ueuCBHr8Ut9JWc0xbxG6330031St01gMP9_oLKm_JWDXRj0lbkleWJRpXHPhKoGkphwL1zfa_b668NV_38_itTBSR0rH-Zs8no_TDwb4Qj-0rLqkI_aMSw0RfIVOZ5eTecx10s_zNi7lEOgqpo0E1BVGnRDViFEZblKWM2SLFDGtjoOOvQ5GkmGw7JbQbum_wwyld7t_i4d-TEE9sUVRcFXevlisni2LZbTuNzPyMPykAGjQ3Ico4mzw6E6EVK6ctf0M0gTbKCeX1tY50RtHxw-NTWSdSnX2wEM94MRdKoe6wtt3-GYhX1o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.wheeloffortunecheats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 471A 52 KB
17 KB 172ms
3ms Document
text/html 23.207.172.231

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.207.172.231 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.wheeloffortunecheats.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Sep 2022 09:13:43 GMT
ETag: "623de86a-cf34"
Expires: Wed, 14 Sep 2022 09:13:45 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET /
onetag-sys.com/usync/ Frame C4BC 0
0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8D92 281 B
573 B 7ms
3ms Document
text/html 104.88.208.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.208.33 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-88-208-33.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.wheeloffortunecheats.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Sep 2022 09:13:43 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame EF04 3 KB
2 KB 11ms
3ms Document
text/html 23.207.173.53

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/5.20.2/prebid.js?v=4665-1662990105556
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.207.173.53 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.wheeloffortunecheats.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Sep 2022 09:13:43 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET get_user_agent_id
cookie-matching.mediarithmics.com/v1/ 0
0

GET genericusersync.ashx
sync.tidaltv.com/ 0
0

GET

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=FJ3M9HeJyZS9&ev=1&pid=560288&gdpr_consent=&gdpr=0

0
0

GET /
rtb-csync.smartadserver.com/redir/ 0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8D92 32 KB
10 KB 4ms
3ms Script
text/html 104.88.208.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.208.33 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-88-208-33.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: eb940c1d146aea06f890f0efc054b9ecf1cf1c256020934f573b72de8d6b3f9b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 09:13:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 16:22:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=71350
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9451
Expires: Wed, 14 Sep 2022 05:02:53 GMT

GET async_usersync
ib.adnxs.com/ Frame 471A 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=107

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663060418075&us_privacy=1---

Domain: cookie-matching.mediarithmics.com
URL: https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=smart17&gdpr=0&gdpr_consent=

Domain: sync.tidaltv.com
URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=FJ3M9HeJyZS9&ev=1&pid=560288&gdpr_consent=&gdpr=0

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent=

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent=

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

89 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wheeloffortunecheats.com/	1970-01-20 15:33:40	Name: _ga Value: GA1.2.1243412334.1663060417
.wheeloffortunecheats.com/	1970-01-20 05:59:06	Name: _gid Value: GA1.2.876009790.1663060417
.wheeloffortunecheats.com/	1970-01-20 05:57:40	Name: _gat_gtag_UA_104704225_1 Value: 1
www.wheeloffortunecheats.com/	1970-01-20 06:40:52	Name: _pbjs_userid_consent_data Value: 6683316680106290
www.wheeloffortunecheats.com/	1970-01-20 05:57:44	Name: _lr_retry_request Value: true
www.wheeloffortunecheats.com/	1970-01-20 06:40:52	Name: _lr_env_src_ats Value: false
.adsrvr.org/	1970-01-20 14:43:16	Name: TDID Value: 25fd5c9c-bab9-421b-969e-7f1456c58397
www.wheeloffortunecheats.com/	1970-01-20 15:19:16	Name: cto_bundle Value: bgLzPV9BNzhnNTMxTUVKSCUyQnpRbDhVa1dvU3ExVkFKMGFnZkwxVHNIbko2S0tjVkJueTBTbnpoWSUyQkFCM1RQR0RzSFdXJTJCUHhIc2UzNDhSbjNFUVBhd01SQm8zUDhzcTZXYzU1bUVQN2xwRXhha2ljTTJNbk5LWXhLTldKJTJCT0I2NCUyRmJRNWhObEZ1WldVOFlPZ1ptV3Z0cFhybVpnJTNEJTNE
www.wheeloffortunecheats.com/	1970-01-20 15:19:16	Name: cto_bidid Value: UDb01V9tUFl2TFFZM2lOdlZ5NE16Tjk4d3dlbHc3T25zZUVvbk9mRFA2b0g4VElwU0wyN3VpZVlkMzFRbEFKbXRwbmlGZnZycXJuOFE1OVZCVmdOeVpDVG1pbDJUU3pmREZwUWYlMkZvb0NkUmNqZUZFJTNE
.adnxs.com/	1970-01-20 08:07:16	Name: icu Value: ChgI_b1WEAoYASABKAEwwZOBmQY4AUABSAEQwZOBmQYYAA..
.adnxs.com/	1970-01-20 08:07:16	Name: uuid2 Value: 1768410491449595057
.yahoo.com/	1970-01-20 14:43:38	Name: A3 Value: d=AQABBMFJIGMCEBMjAbrEsrXveZ40ysi-RnYFEgEBAQGbIWMqYwAAAAAA_eMAAA&S=AQAAAvou1Tvvq5ihY6ECtFcf4Vw
.rubiconproject.com/	1970-01-20 14:43:16	Name: khaos Value: L7ZZ8EOY-Y-DVIC
.smartadserver.com/	1970-01-20 14:43:16	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 272427=5101033
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-20 14:43:16	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 05:59:06	Name: sasd Value: %24qc%3D1311284246%3B%24ql%3DHigh%3B%24qpc%3D162-0843%3B%24qt%3D36_1721_129814t%3B%24dma%3D0
.smartadserver.com/	1970-01-20 14:43:16	Name: pid Value: 1872231576753694999
.smartadserver.com/	1970-01-20 05:59:06	Name: sasd2 Value: q=%24qc%3D1311284246%3B%24ql%3DHigh%3B%24qpc%3D162-0843%3B%24qt%3D36_1721_129814t%3B%24dma%3D0&c=1&l=-669273157&lo=1739943965&lt=637986572179271329&o=1
.id5-sync.com/	1970-01-20 05:57:40	Name: callback Value:
.amazon-adsystem.com/	1970-01-20 10:45:40	Name: ad-id Value: A-KDTo6O90YzrGlZCBV6c60
.amazon-adsystem.com/	1970-01-20 15:33:40	Name: ad-privacy Value: 0
.gumgum.com/	1970-01-20 14:43:16	Name: vst Value: a_06a18e43-6b9f-42b8-9128-13044e4fe553
.casalemedia.com/	1970-01-20 08:07:16	Name: CMPS Value: 4705
.openx.net/	1970-01-20 14:43:16	Name: i Value: f486546d-507f-49a8-be67-e61ff5e8497f\|1663060418
.doubleclick.net/	1970-01-20 15:33:40	Name: IDE Value: AHWqTUnBJ_mR8By1z434qz9HmIPTAzLjzGEnumwnvFKeREApacwqMqPUu3aO_uLiCXY
.socdm.com/	1970-01-20 15:33:40	Name: SOC Value: YyBJwsCo5r8AAK91HPEAAAAA
.doubleclick.net/	1970-01-20 05:57:41	Name: test_cookie Value: CheckForPermission
.wheeloffortunecheats.com/	1970-01-20 15:19:16	Name: __gads Value: ID=1e0612cc31d485a1:T=1663060418:S=ALNI_MZndUA-k2pUC8kmGzmn9sFxWK_BmQ
.wheeloffortunecheats.com/	1970-01-20 15:19:16	Name: __gpi Value: UID=000009c6e7a2a761:T=1663060418:RT=1663060418:S=ALNI_MYsq0pUiEEx73QynNuR--zWOnsdwQ
.mathtag.com/	1970-01-20 15:23:35	Name: uuid Value: e1ab6320-49c2-4500-bafc-1591abdb9e7c
.3lift.com/	1970-01-20 08:07:16	Name: tluid Value: 3653888948030760734942
.yieldmo.com/	1970-01-20 14:43:16	Name: yieldmo_id Value: g510932567338b737da6%7C1663060418718%7C0%7C
.casalemedia.com/	1970-01-20 14:43:16	Name: CMID Value: YyBJwrLsyE8QionNFyTJWwAA
.casalemedia.com/	1970-01-20 08:07:16	Name: CMPRO Value: 4702
.1rx.io/	1970-01-20 14:43:16	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-93c9eb9f-521f-4010-8e39-3c733d582855-004%22%7D
.sharethrough.com/	1970-01-20 06:40:52	Name: stx_user_id Value: 7f014d33-82f2-439b-b618-ee5b117602a1
.analytics.yahoo.com/	1970-01-20 14:43:16	Name: IDSYNC Value: "18y3~274x:175w~274x"
.bidswitch.net/	1970-01-20 14:43:16	Name: tuuid Value: df040c0e-c214-4361-b88e-07a2545f0bc2
.bidswitch.net/	1970-01-20 14:43:16	Name: c Value: 1663060418
.bidswitch.net/	1970-01-20 14:43:16	Name: tuuid_lu Value: 1663060418
.adsrvr.org/	1970-01-20 14:43:16	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCOrUpe7I3Io7EAUSFQoGY2FzYWxlEgsI9Kna8MjcijsQBRIbCgxzaGFyZXRocm91Z2gSCwi6jYPzyNyKOxAFGAEgASgCMgsIuoWGoN_cijsQBTgBWgxzaGFyZXRocm91Z2hgAg..
.outbrain.com/	1970-01-20 08:07:16	Name: obuid Value: c0efd637-2254-455b-a1cd-c066d9083c8f
.360yield.com/	1970-01-20 08:07:16	Name: tuuid Value: 85cadfbf-e647-43b4-aa6d-e7a5a1bc107b
.360yield.com/	1970-01-20 08:07:16	Name: tuuid_lu Value: 1663060418
.sportradarserving.com/	1970-01-20 14:43:16	Name: zuuid Value: 70f53b07-e2bb-49b5-b089-ad9bf93585cd
.sportradarserving.com/	1970-01-20 14:43:16	Name: c Value: 1663060418
.targeting.unrulymedia.com/	1970-01-20 14:43:16	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-93c9eb9f-521f-4010-8e39-3c733d582855-004%22%7D
.csync.loopme.me/	1970-01-20 08:08:42	Name: viewer_token Value: 793f1314-115f-4324-9df8-065b48a20f9e
.sportradarserving.com/	1970-01-20 14:43:16	Name: zuuid_lu Value: 1663060419
.sportradarserving.com/	1970-01-20 14:43:16	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 14:43:16	Name: zuuid_k_lu Value: 1663060419
.creativecdn.com/	1970-01-20 14:43:16	Name: u Value: 5lN59A0FPbYGBtwsd71P
.creativecdn.com/	1970-01-20 14:43:16	Name: ts Value: 1663060419
.quantserve.com/	1970-01-20 08:07:16	Name: d Value: EFcBDQGLJ7jvsQA
.quantserve.com/	1970-01-20 15:27:54	Name: mc Value: 632049c3-1961d-7cd0f-8f730
.ads.yieldmo.com/	1970-01-20 14:43:16	Name: ptrt Value: 25fd5c9c-bab9-421b-969e-7f1456c58397
.ipredictive.com/	1970-01-20 14:43:16	Name: cu Value: 1d58c054-8259-45b6-9473-c853ef54acc3\|1663060419070
.technoratimedia.com/	1970-01-20 15:33:40	Name: tads_uid Value: GDPR
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:43:16	Name: bcookie Value: "v=2&06ce3ef7-a43d-4134-8edb-6d4d0c215c30"
.linkedin.com/	1970-01-20 05:59:06	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2398:u=1:x=1:i=1663060419:t=1663146819:v=2:sig=AQF4AcsRc40fpYcmOEDCO8dWD4ybwLvV"
.zemanta.com/	1970-01-20 14:43:16	Name: zuid Value: JREQaHfK3z08cTJ-9gIN
.ads.yieldmo.com/	1970-01-20 14:43:16	Name: ptrrc Value: L7ZZ8EOY-Y-DVIC
.tapad.com/	1970-01-20 07:24:04	Name: TapAd_TS Value: 1663060419232
.tapad.com/	1970-01-20 07:24:04	Name: TapAd_DID Value: 7114302c-62ab-4cdb-8257-e5609aa56b75
.ads.yieldmo.com/	1970-01-20 14:43:16	Name: ptreps Value: AAALfPXNSGTG7QNWbEVUAAAAAAA
.tapad.com/	1970-01-20 07:24:04	Name: TapAd_3WAY_SYNCS Value:
sync.srv.stackadapt.com/	1970-01-20 14:43:16	Name: sa-user-id Value: s%3A0-e5231474-d5f6-4ead-722f-8ccd2173d9c0.P4nTvYSEPytpB%2FvXfWcWg160OYLOwdP75ZMFHaESwms
.srv.stackadapt.com/	1970-01-20 14:43:16	Name: sa-user-id-v2 Value: s%3A5SMUdNX2Tq1yL4zNIXPZwNmK_LU.4n7yWkHop%2BKKgvnKRtPu949Ob3DjB3PuvVLtFOtAlg0
.ads.yieldmo.com/	1970-01-20 14:43:16	Name: ptrstk Value: 5SMUdNX2Tq1yL4zNIXPZwNmK_LU
.casalemedia.com/	1970-01-20 08:07:16	Name: CMTS Value: 5317
.contextweb.com/	1970-01-20 14:36:04	Name: V Value: FJ3M9HeJyZS9
.contextweb.com/	1970-01-20 14:43:16	Name: pb_rtb_ev Value: 3-1g2s\|7bq.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: d63d09940749b480
.crwdcntrl.net/	1970-01-20 12:26:27	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 12:26:27	Name: _cc_id Value: c2e41a70a8fc200273dbfe484af0260c
.id5-sync.com/	1970-01-20 08:07:16	Name: id5 Value: ed81c4c1-ac62-433e-abc5-5f6eb259f350#1663060417801#3
.bidr.io/	1970-01-20 15:26:14	Name: bito Value: AAHJnk7GQJQAAA6MWOLTvQ
.bidr.io/	1970-01-20 15:26:14	Name: bitoIsSecure Value: ok
.rubiconproject.com/	1970-01-20 14:43:16	Name: audit Value: 1\|WD0cx+9RTMJC83ZRAfzQp1qbBgMWySGKid6DeFnocd9KJss5t3zfP+lwrCjUjGlyFKrxEwC9qp2qIqvI98jtLBegUaP4Ri5nndiMgMLiTObMboWaW1ii7ddAgbQqottv
.dotomi.com/	1970-01-20 05:57:40	Name: DotomiTest Value: 2e1c4a9e79192262
.id5-sync.com/	1970-01-20 08:07:16	Name: 3pi Value: 2#1663060418381#-18097735#1768410491449595057\|3#1663060418766#-1320412212#e1ab6320-49c2-4500-bafc-1591abdb9e7c\|19#1663060420021#-1721074298#c2e41a70a8fc200273dbfe484af0260c\|822#1663060421106#-1810491713\|264#1663060419024#-747817305#25fd5c9c-bab9-421b-969e-7f1456c58397\|155#1663060420324#1098556586#AAHJnk7GQJQAAA6MWOLTvQ\|108#1663060419439#882246287\|285#1663060420697#-243676117
.id5-sync.com/	1970-01-20 05:57:40	Name: cf Value:
.id5-sync.com/	1970-01-20 05:57:40	Name: cip Value:
.id5-sync.com/	1970-01-20 05:57:40	Name: cnac Value:
.id5-sync.com/	1970-01-20 05:57:40	Name: car Value:
.id5-sync.com/	1970-01-20 05:57:40	Name: gdpr Value:

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.wheeloffortunecheats.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=107' from origin 'https://www.wheeloffortunecheats.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=107 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a68679edec791171cd3a7410944b51dd.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
adengine.snigelweb.com
ads.pubmatic.com
ads.yieldmo.com
adservice.google.co.jp
adservice.google.com
api.btloader.com
api.rlcdn.com
argus-fra1.snigelweb.com
b1sync.zemanta.com
bh.contextweb.com
btloader.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cdn.id5-sync.com
cdn.snigelweb.com
cm.g.doubleclick.net
cookie-matching.mediarithmics.com
creativecdn.com
cs.emxdgt.com
csync.loopme.me
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
inmobi-match.dotomi.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-apac.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.gumgum.com
s.amazon-adsystem.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
snigelweb-com.videoplayerhub.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.wheeloffortunecheats.com
x.bidswitch.net
yieldmo-match.dotomi.com
api.rlcdn.com
cookie-matching.mediarithmics.com
ib.adnxs.com
onetag-sys.com
prg.smartadserver.com
rtb-csync.smartadserver.com
sync.tidaltv.com
103.229.206.241
103.231.99.243
103.43.90.117
103.43.90.21
104.18.18.126
104.18.19.126
104.88.208.33
107.178.244.193
13.112.124.88
13.112.54.241
130.211.23.194
139.99.49.250
141.148.45.191
141.95.33.111
142.250.196.102
142.251.42.130
142.251.42.194
15.197.193.217
151.101.66.49
162.19.138.119
169.197.150.7
18.136.50.156
18.140.149.174
18.178.22.21
18.180.125.109
18.224.87.21
18.65.175.23
182.161.74.11
185.184.8.90
185.86.137.17
199.187.193.179
20.127.253.7
202.241.208.57
23.10.5.240
23.106.127.53
23.207.172.231
23.207.173.53
23.39.13.202
23.44.52.240
2404:6800:4004:80a::2001
2404:6800:4004:810::2002
2404:6800:4004:81c::2002
2404:6800:4004:821::2004
2404:6800:4004:821::2008
2404:6800:4004:822::200e
2404:6800:4004:826::2001
2404:6800:4004:826::2002
2404:6800:4008:c07::9d
2406:2600:4::b
2406:da18:929:5a00:9a2c:8e82:ae9c:de5c
2600:9000:2219:b400:13:ed78:1200:93a1
2602:803:c006:158::65
2606:4700:10::6816:184a
2606:4700:10::6816:194a
2606:4700:10::ac43:266a
2606:4700:20::681a:246
2606:4700:20::681a:78b
2606:4700:20::681a:932
2606:4700:20::ac43:4bf1
2606:4700::6813:ac6c
2620:116:800e:21:c338:3a39:7c0b:1a51
2620:1ec:21::14
2a02:fa8:c411:12::1050
3.234.131.203
35.213.12.39
35.213.93.179
35.244.159.8
38.133.127.95
52.220.183.187
52.223.2.229
52.46.128.147
52.55.123.47
52.74.163.173
52.77.152.198
52.94.220.185
54.255.75.208
54.83.100.212
64.202.112.191
66.155.71.25
69.173.158.64
74.118.186.45
74.214.196.131
8.39.36.141
8.43.72.98
0177a9487ee76570e920b2f9a113057dc04a620369e77ad270eafba1d45dc58d
03566ff71ce881e1ddb2e85238471acc2fcaadc990ba0f4d99418944e810d822
0608c789269ed4beb1de125c1b967161a30dade0d81f7522690183abf805d9a6
065d1fcdc4df18f1ff2d1fb755c897710eb98ac762b580be5cdd90a624de3f70
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f7243be102ec27af4b7a84ad9e13bfbd0d540b49ba25ff50c5e6e2163f8fd5a
19ede48bc51809b2c106a5f0b6919863e189e5e16975bc2217f8aaa2019ef305
1ff3fe0013040ea627968a7df3cc5bcd75c59c8198213fb674cadd7ae8b66d28
229537d7b68d119c7de7405aed57ca1145310b9cf2a37e86efc06dc753f8fd23
230b0a845fb99d764378ce0d00ad6e5e5553bdae634d068127e8f305f43f1424
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
328c27449f4ae26ee462212c56e3c7ce2642a1c4279cdd52ec6092d3dfea9f9b
368787afcc20e375fe47132a852e1f09b27381102dab05bb2fb012b83ee6299f
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
425328ed7a60e35938fa92fc7ba5f5af96b53f9608bb41b8a07c0f91e8bdefcd
43477afc4ae4ce50cf0c4b9c5a574da6683bd600ce8e4433b5eb71d902892d2a
4404ff409765a97094b98fc1a3dc1d9f194a3f70afc67548e6067f00162a6b24
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
4850322fc47f56c582d28fc8490cb669f4603bf7f00020e7abba15edbbe18872
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b875e818fa10efa63bf5d7d598210ca261ecf06a81a694310b170d5cefc150a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58da13e3e2a48d44eead1f3b3bd302c5916964dfe7494dc85f8417228494307d
5b9283171237dacdb34331a5d76977c8e68c04a50e9e930000cf219a46d27695
5ba6b182bb231ff1fe1feece1e2cae9038d06ca91704f0f30fdd323aadd265e7
5bbb09900fc5db06e7575d8c6fc806b41afb7a51e7a4d53126dcd8550239b4c9
5bd7288e07ec42d93d2109b944502e611c7d09e4c27865c4d535e3163d58db73
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
678d501a0601f791f17c82e85965b60cb6a8f915c9bd64e0b05d74fa50de9bf8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e6551dedeeb4fb2ea88c400231e97f49a09b8d2d194ff301486e99042ad2a75
75c3c27288e75d0770575221ea4729bccb90a71fd7c169f022d55f29b4b52bae
776768838c267cfa3556be9b575081f8533968e088e23a9fafc730e67705d842
77dbd77226dff37c26037b9cccc9d05ed316d07ac63a683faaedc16dca3fda2a
811352d3c8c2611bb28dfad7f26ff9d0a44e6c006cea3dca18524bbc83c8e1fc
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8686541c494497486a912074151c6d232c538e34f83a22fdf8982da8dadb04b0
8d40c1ab3a72d60f7cdc89dfb3a7e60bdb6c26d01ee2b34477f1d1c670902ad2
95bf28be35ea86a3b53ed331053a201a1e959b2d0e504cecf665a62d9d7ca56c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d944c26df4360da647384c84a5442f1ec2a1f53a268482810a4b6c4335fe6d
a24c7bf53a125eebda09ddd5d0fad85a11874962f397926102830f9289743315
a273d77e4d1243d36185c10ab9061f9d743bd402514df099942caa8e4716357f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a83d4325be9f77a26646e363b991627b2d06c8cc7ca51209ac9751e922ab5da3
ae05f6a96540b6e8607bc23466939dbd972babf10403f1fd57d290b7ab9c1d0e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7b6c4712b5e56be6158a10147537514ded56d75514cdd4ad9ac2a4e1e83dde3
ba8fb17078ed4ce106f6d13954d859546ca19e78b21338fd8d113c744206d7fb
c1166316acff1d7e6302ce32b3ee2453f0f36aadfa1b2fdb682b0162f1ee2411
c122cd664c0df6796112e3d1b62a7ce313cde19615433ff68dc55fd870ff9232
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c571a8b2995d5c32a7e3ac48db3836f93261c037281ddff03a2a593f5b076fa1
cc123fa72bf4b7018e474ff8678e095ca7c2caa3dc722eec9d8d5f9fa5d9aa71
ce3254364d43ed9e515a28aa368900ca2cc939490054935195b9eb9ea4edcfdb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1d4c66676320a20a448f13e24dbbb8957f030fd16c43e4bf22913e39354a8b1
d1db1d74c915911182b91320b1f4c9cb305b67a5954e0bcea363eb314ac2a6a5
d6d5ee7f80e0dbe37702933eb6acfb8cbc455b2c9d2dbeec2298e5b48d93e4c3
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dd9aef615cdfe297f8f1d3f618bf063c588f79fe02486a8939daf5bd6c4803fd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59cf575f7203ec6d1dd5baf20ea5038898f5d8d1bc6a63217da212ce7f94700
e64e175d25543787ff83c02f7d8bb636b0cedf48e38291f11becc5363eaefb56
e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea0825f76cec254711dee6cd35cb0dd7ed5bcab7dc4503c1b8e79fbebf6ff348
eb940c1d146aea06f890f0efc054b9ecf1cf1c256020934f573b72de8d6b3f9b
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7299ebe9aff132e33f05f8b3b4698ade1411ecfd67ffd416e4069ce7737f8c2
feb6fb7964ff50524c107524c1773ae1fa2a13d37c9c2c81a9a7c87da8c970b8

www.wheeloffortunecheats.com Open in urlscan Pro 18.224.87.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

157 Requests

69 %HTTPS

29 %IPv6

61 Domains

94 Subdomains

58 IPs

12 Countries

964 kBTransfer

2415 kBSize

89 Cookies

0 Outgoing links

Page URL History

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.wheeloffortunecheats.com Open in urlscan Pro
18.224.87.21 Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

69 %
HTTPS

29 %
IPv6

61
Domains

94
Subdomains

58
IPs

12
Countries

964 kB
Transfer

2415 kB
Size

89
Cookies

157 HTTP transactions
0 data transactions