go.reference.com Open in urlscan Pro
2600:9000:214f:3800:11:62b2:fb00:93a1  Public Scan

Submitted URL: http://go.reference.com/
Effective URL: https://go.reference.com/
Submission: On January 06 via manual from US — Scanned from DE

Summary

This website contacted 86 IPs in 12 countries across 73 domains to perform 318 HTTP transactions. The main IP is 2600:9000:214f:3800:11:62b2:fb00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is go.reference.com. The Cisco Umbrella rank of the primary domain is 82686.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 12th 2023. Valid for: a year.
This is the only time go.reference.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:214... 16509 (AMAZON-02)
23 2600:9000:214... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
13 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.95.69.49 396982 (GOOGLE-CL...)
7 2606:4700:e6:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
29 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 108.138.37.209 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.102 15169 (GOOGLE)
2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 3.160.196.11 16509 (AMAZON-02)
1 35.244.193.51 396982 (GOOGLE-CL...)
2 52.211.129.108 16509 (AMAZON-02)
3 141.95.98.65 16276 (OVH)
1 54.171.10.251 16509 (AMAZON-02)
8 35.71.131.137 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 108.138.9.235 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.118 16276 (OVH)
2 94.130.203.123 24940 (HETZNER-AS)
1 2600:9000:20c... 16509 (AMAZON-02)
1 147.182.176.100 14061 (DIGITALOC...)
1 3.121.101.248 16509 (AMAZON-02)
1 34.149.50.64 396982 (GOOGLE-CL...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 34.149.20.76 15169 (GOOGLE)
1 173.237.69.4 7979 (SERVERS-COM)
5 50.16.49.158 14618 (AMAZON-AES)
4 7 208.93.169.131 46244 (WEBMD-IDC...)
1 23.52.123.144 16625 (AKAMAI-AS)
1 52.19.77.216 16509 (AMAZON-02)
1 199.212.255.178 25948 (FHMNET)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 34.120.63.153 396982 (GOOGLE-CL...)
5 18.200.183.234 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 18.245.86.113 16509 (AMAZON-02)
1 2607:f350:3:2... 27630 (AS-XFERNET)
1 45.76.4.232 20473 (AS-CHOOPA)
1 2602:803:c003... 26667 (RUBICONPR...)
1 3.65.92.53 16509 (AMAZON-02)
1 54.93.147.185 16509 (AMAZON-02)
5 35.186.253.211 15169 (GOOGLE)
8 12 37.252.171.21 29990 (ASN-APPNEX)
2 54.84.92.154 14618 (AMAZON-AES)
4 5 34.98.64.218 396982 (GOOGLE-CL...)
1 159.203.185.21 14061 (DIGITALOC...)
4 6 52.72.177.11 14618 (AMAZON-AES)
22 2606:4700:e4:... 13335 (CLOUDFLAR...)
4 23.211.9.91 16625 (AKAMAI-AS)
5 67.202.105.24 32748 (STEADFAST)
1 151.101.193.108 54113 (FASTLY)
10 23.211.9.109 16625 (AKAMAI-AS)
3 5 13.248.245.213 16509 (AMAZON-02)
1 23.52.120.27 16625 (AKAMAI-AS)
1 137.184.28.190 14061 (DIGITALOC...)
4 7 142.250.186.66 15169 (GOOGLE)
4 7 18.159.7.44 16509 (AMAZON-02)
1 198.47.127.19 62713 (AS-PUBMATIC)
3 3 147.75.84.158 54825 (PACKET)
4 4 104.18.36.155 13335 (CLOUDFLAR...)
1 1 35.214.190.18 15169 (GOOGLE)
4 198.47.127.18 3257 (GTT-BACKB...)
4 4 23.212.211.47 16625 (AKAMAI-AS)
4 34.252.55.170 16509 (AMAZON-02)
1 52.213.175.104 16509 (AMAZON-02)
3 69.173.144.137 26667 (RUBICONPR...)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 2607:f350:3:2... 27630 (AS-XFERNET)
8 8 46.228.174.117 56396 (AMOBEE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
3 3.71.149.231 16509 (AMAZON-02)
3 51.89.9.253 16276 (OVH)
3 52.17.111.107 16509 (AMAZON-02)
3 3.65.6.17 16509 (AMAZON-02)
2 2 5.196.111.68 16276 (OVH)
2 2 216.200.232.249 30419 (MEDIAMATH...)
2 2 23.212.88.20 16625 (AKAMAI-AS)
27 52.210.15.1 16509 (AMAZON-02)
1 1 35.210.239.72 15169 (GOOGLE)
3 3 54.146.35.99 14618 (AMAZON-AES)
3 2a05:d018:d29... 16509 (AMAZON-02)
3 3 54.158.172.237 14618 (AMAZON-AES)
3 169.197.150.7 398989 (DEEPINTENT)
3 3 50.31.142.255 23352 (SERVERCEN...)
3 3 81.17.55.171 60781 (LEASEWEB-...)
4 4 37.157.6.233 198622 (ADFORM)
3 3 211.120.53.203 4694 (IDCF IDC ...)
5 5 185.184.8.90 204995 (RTB-HOUSE...)
5 69.173.144.165 26667 (RUBICONPR...)
2 2 35.210.53.219 19527 (GOOGLE-2)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
318 86
Apex Domain
Subdomains
Transfer
32 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2297
rtb.gumgum.com — Cisco Umbrella Rank: 2293
usersync.gumgum.com — Cisco Umbrella Rank: 3044
11 KB
29 posts.market
cdn.posts.market — Cisco Umbrella Rank: 77193
5 MB
24 reference.com
go.reference.com — Cisco Umbrella Rank: 82686
376 KB
23 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
eus.rubiconproject.com — Cisco Umbrella Rank: 951
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1520
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1222
token.rubiconproject.com — Cisco Umbrella Rank: 744
79 KB
22 0cf.io
s.0cf.io — Cisco Umbrella Rank: 18256
268 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
acdn.adnxs.com — Cisco Umbrella Rank: 957
secure.adnxs.com — Cisco Umbrella Rank: 793
27 KB
13 kueezrtb.com
static.kueezrtb.com — Cisco Umbrella Rank: 9995
u.kueezrtb.com — Cisco Umbrella Rank: 17036
track.kueezrtb.com — Cisco Umbrella Rank: 14903
gtrack.kueezrtb.com — Cisco Umbrella Rank: 14884
exchange.kueezrtb.com — Cisco Umbrella Rank: 7623
sync.kueezrtb.com — Cisco Umbrella Rank: 9385
90 KB
13 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 625
262 KB
12 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
ad.doubleclick.net — Cisco Umbrella Rank: 199
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
171 KB
11 nextmillmedia.com
pbs.nextmillmedia.com — Cisco Umbrella Rank: 4293
cookies.nextmillmedia.com — Cisco Umbrella Rank: 4166
6 KB
10 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1007
ask-media-group-d.openx.net — Cisco Umbrella Rank: 106424
us-u.openx.net — Cisco Umbrella Rank: 930
2 KB
10 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766
ads.pubmatic.com — Cisco Umbrella Rank: 811
image6.pubmatic.com — Cisco Umbrella Rank: 1215
image8.pubmatic.com — Cisco Umbrella Rank: 1098
24 KB
8 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1632
x.bidswitch.net — Cisco Umbrella Rank: 590
2 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
2 KB
7 contextweb.com
bid.contextweb.com — Cisco Umbrella Rank: 5810
bh.contextweb.com — Cisco Umbrella Rank: 881
4 KB
7 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2501
ssc.33across.com — Cisco Umbrella Rank: 6391
ssc-cms.33across.com — Cisco Umbrella Rank: 1511
570 B
7 ay.delivery
k8svkbknrqzgecxff.ay.delivery — Cisco Umbrella Rank: 97807
286 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
1 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 857
4 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 991
eb2.3lift.com — Cisco Umbrella Rank: 731
2 KB
5 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 809
2 KB
5 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2541
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167
870 B
5 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 6431
sync-eu.connectad.io — Cisco Umbrella Rank: 6210
2 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
75 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
2 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
4 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 2058
3 KB
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1894
match.sharethrough.com — Cisco Umbrella Rank: 797
158 B
4 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 4534
sync.go.sonobi.com — Cisco Umbrella Rank: 1696
3 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1682
contextual.media.net — Cisco Umbrella Rank: 1093
hbx.media.net — Cisco Umbrella Rank: 1982
9 KB
4 dblks.net
prebid.dblks.net — Cisco Umbrella Rank: 53680
dblksync.dblks.net — Cisco Umbrella Rank: 22647
24 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 2129
2 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 994
927 B
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1629
76 B
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1536
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
4 KB
3 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 3421
871 B
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1105
283 B
3 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 3315
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1119
609 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2287
mp.4dex.io — Cisco Umbrella Rank: 3130
25 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 658
2 KB
3 google.com
google.com — Cisco Umbrella Rank: 1
www.google.com — Cisco Umbrella Rank: 6
817 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
223 KB
3 vidazoo.com
static.vidazoo.com — Cisco Umbrella Rank: 4005
63 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 7847
747 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 2123
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399
955 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1449
868 B
2 brainlyads.com
report2.hb.brainlyads.com — Cisco Umbrella Rank: 5672
1 KB
2 cootlogix.com
prebid.cootlogix.com — Cisco Umbrella Rank: 6397
sync.cootlogix.com — Cisco Umbrella Rank: 4443
710 B
2 assertcom.de
api.assertcom.de — Cisco Umbrella Rank: 12819
617 B
2 google.de
www.google.de — Cisco Umbrella Rank: 4002
563 B
2 flashtalking.com
d9.flashtalking.com — Cisco Umbrella Rank: 3209
12 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 597
375 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 2057
104 B
1 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 10101
238 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 1057
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1467
286 B
1 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 3550
608 B
1 qortex.ai
cpm.qortex.ai — Cisco Umbrella Rank: 30433
237 B
1 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 5013
428 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1674
381 B
1 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 2206
sync.colossusssp.com Failed
138 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 2270
370 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1945
641 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338
276 B
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2137
9 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 4038
317 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 950
319 B
1 adgarden.market
adgarden.market — Cisco Umbrella Rank: 66715
8 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 3813
45 KB
0 avct.cloud Failed
ads.avct.cloud Failed
318 73
Domain Requested by
29 cdn.posts.market go.reference.com
cadmus.script.ac
27 usersync.gumgum.com rtb.gumgum.com
24 go.reference.com 1 redirects go.reference.com
22 s.0cf.io cadmus.script.ac
s.0cf.io
rtb.gumgum.com
13 cdn.cookielaw.org go.reference.com
cdn.cookielaw.org
cadmus.script.ac
10 eus.rubiconproject.com cadmus.script.ac
eus.rubiconproject.com
cookies.nextmillmedia.com
rtb.gumgum.com
9 ib.adnxs.com 5 redirects cadmus.script.ac
8 match.adsrvr.org cadmus.script.ac
s.0cf.io
rtb.gumgum.com
7 x.bidswitch.net 4 redirects rtb.gumgum.com
7 cm.g.doubleclick.net 4 redirects rtb.gumgum.com
7 k8svkbknrqzgecxff.ay.delivery cadmus.script.ac
go.reference.com
k8svkbknrqzgecxff.ay.delivery
6 sync.1rx.io 6 redirects
6 cookies.nextmillmedia.com 4 redirects cadmus.script.ac
cookies.nextmillmedia.com
6 bh.contextweb.com 4 redirects cadmus.script.ac
s.0cf.io
5 token.rubiconproject.com eus.rubiconproject.com
5 creativecdn.com 5 redirects
5 eb2.3lift.com 3 redirects cadmus.script.ac
cookies.nextmillmedia.com
s.0cf.io
5 ssc-cms.33across.com cadmus.script.ac
cookies.nextmillmedia.com
s.0cf.io
5 rtb.openx.net cadmus.script.ac
cookies.nextmillmedia.com
s.0cf.io
5 pbs.nextmillmedia.com cadmus.script.ac
cookies.nextmillmedia.com
4 c1.adform.net 4 redirects
4 us-u.openx.net 4 redirects
4 rtb.gumgum.com s.0cf.io
rtb.gumgum.com
4 ap.lijit.com cookies.nextmillmedia.com
s.0cf.io
4 secure-assets.rubiconproject.com 4 redirects
4 image8.pubmatic.com cookies.nextmillmedia.com
s.0cf.io
4 ssum.casalemedia.com 4 redirects s.0cf.io
4 ads.pubmatic.com cadmus.script.ac
rtb.gumgum.com
4 gtrack.kueezrtb.com go.reference.com
4 track.kueezrtb.com go.reference.com
3 dblksync.dblks.net s.0cf.io
3 tg.socdm.com 3 redirects
3 ssbsync.smartadserver.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 match.deepintent.com rtb.gumgum.com
3 sync.ipredictive.com 3 redirects
3 pr-bh.ybp.yahoo.com rtb.gumgum.com
3 sync.srv.stackadapt.com 3 redirects
3 secure.adnxs.com 3 redirects
3 match.sharethrough.com s.0cf.io
3 ads.servenobid.com s.0cf.io
3 onetag-sys.com s.0cf.io
3 ups.analytics.yahoo.com s.0cf.io
3 sync.go.sonobi.com s.0cf.io
3 prebid-match.dotomi.com s.0cf.io
3 cdn.connectad.io s.0cf.io
3 prebid-server.rubiconproject.com s.0cf.io
3 prebid.a-mo.net 3 redirects s.0cf.io
3 id5-sync.com cadmus.script.ac
3 c.amazon-adsystem.com go.reference.com
c.amazon-adsystem.com
3 www.googletagmanager.com cadmus.script.ac
3 static.vidazoo.com cadmus.script.ac
2 pool.admedo.com 2 redirects
2 sync-eu.connectad.io cdn.connectad.io
2 hbx.media.net 2 redirects s.0cf.io
2 sync.mathtag.com 2 redirects s.0cf.io
2 ssbsync-global.smartadserver.com 2 redirects s.0cf.io
2 sync.targeting.unrulymedia.com 2 redirects
2 ad.turn.com 2 redirects
2 report2.hb.brainlyads.com go.reference.com
2 api.assertcom.de k8svkbknrqzgecxff.ay.delivery
2 www.google.de go.reference.com
2 www.google.com go.reference.com
2 script.4dex.io cadmus.script.ac
2 d9.flashtalking.com cadmus.script.ac
d9.flashtalking.com
2 gum.criteo.com cadmus.script.ac
2 googleads.g.doubleclick.net cadmus.script.ac
2 securepubads.g.doubleclick.net go.reference.com
cadmus.script.ac
2 static.kueezrtb.com cadmus.script.ac
2 i.clean.gg cadmus.script.ac
1 u.ipw.metadsp.co.uk 1 redirects
1 ads.yieldmo.com cookies.nextmillmedia.com
1 csync.loopme.me 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 sync.cootlogix.com cadmus.script.ac
1 contextual.media.net cadmus.script.ac
1 acdn.adnxs.com cadmus.script.ac
1 sync.kueezrtb.com cadmus.script.ac
1 ask-media-group-d.openx.net cadmus.script.ac
1 btlr.sharethrough.com cadmus.script.ac
1 tlx.3lift.com cadmus.script.ac
1 fastlane.rubiconproject.com cadmus.script.ac
1 exchange.kueezrtb.com cadmus.script.ac
1 apex.go.sonobi.com cadmus.script.ac
1 hb.yellowblue.io cadmus.script.ac
1 hbopenbid.pubmatic.com cadmus.script.ac
1 g2.gumgum.com cadmus.script.ac
1 prebid.media.net cadmus.script.ac
1 cpm.qortex.ai cadmus.script.ac
1 prebid.dblks.net cadmus.script.ac
1 hb.minutemedia-prebid.com cadmus.script.ac
1 a.teads.tv cadmus.script.ac
1 bid.contextweb.com cadmus.script.ac
1 colossusssp.com cadmus.script.ac
1 ssc.33across.com cadmus.script.ac
1 mp.4dex.io cadmus.script.ac
1 s.seedtag.com cadmus.script.ac
1 grid.bidswitch.net cadmus.script.ac
1 prebid.cootlogix.com cadmus.script.ac
1 rules.quantcount.com cadmus.script.ac
1 lb.eu-1-id5-sync.com cadmus.script.ac
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 secure.quantserve.com cadmus.script.ac
1 id.crwdcntrl.net cadmus.script.ac
1 lexicon.33across.com cadmus.script.ac
1 config.aps.amazon-adsystem.com cadmus.script.ac
1 u.kueezrtb.com static.kueezrtb.com
1 ad.doubleclick.net go.reference.com
1 google.com www.googletagmanager.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 adgarden.market go.reference.com
1 cadmus.script.ac go.reference.com
0 ads.avct.cloud Failed rtb.gumgum.com
0 sync.colossusssp.com Failed cadmus.script.ac
318 114

This site contains links to these domains. Also see Links.

Domain
www.reference.com
www.ask.com
www.onetrust.com
Subject Issuer Validity Valid
go.reference.com
Amazon RSA 2048 M02
2023-04-12 -
2024-05-11
a year crt.sh
script.ac
E1
2023-12-29 -
2024-03-28
3 months crt.sh
*.adgarden.market
Amazon RSA 2048 M01
2023-02-08 -
2024-03-08
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
i.clean.gg
GTS CA 1D4
2023-11-14 -
2024-02-12
3 months crt.sh
ay.delivery
GTS CA 1P5
2023-12-26 -
2024-03-25
3 months crt.sh
vidazoo.com
Cloudflare Inc ECC CA-3
2023-12-24 -
2024-12-22
a year crt.sh
kueezrtb.com
GTS CA 1P5
2023-12-16 -
2024-03-15
3 months crt.sh
posts.market
GTS CA 1P5
2024-01-02 -
2024-04-01
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2023-11-13 -
2024-11-12
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
lexicon.33across.com
GTS CA 1D4
2023-11-27 -
2024-02-25
3 months crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2
2023-07-19 -
2024-08-19
a year crt.sh
*.id5-sync.com
R3
2024-01-01 -
2024-03-31
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02
2023-10-08 -
2024-11-06
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
quantserve.com
R3
2023-12-27 -
2024-03-26
3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2023-10-23 -
2024-10-22
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.google.de
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.eu-1-id5-sync.com
R3
2024-01-01 -
2024-03-31
3 months crt.sh
api.assertcom.de
R3
2023-12-15 -
2024-03-14
3 months crt.sh
*.cootlogix.com
Sectigo RSA Domain Validation Secure Server CA
2023-10-19 -
2024-11-17
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-29 -
2024-04-15
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-08-01 -
2024-07-31
a year crt.sh
ssc.33across.com
GTS CA 1D4
2023-12-25 -
2024-03-24
3 months crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2
2023-09-08 -
2024-10-09
a year crt.sh
pbs.nextmillmedia.com
Amazon RSA 2048 M01
2023-06-13 -
2024-07-12
a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1
2023-04-10 -
2024-05-09
a year crt.sh
teads.tv
R3
2023-11-03 -
2024-02-01
3 months crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M01
2023-04-18 -
2024-05-16
a year crt.sh
*.dblks.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-15 -
2024-08-14
a year crt.sh
qortex.ai
R3
2023-11-14 -
2024-02-12
3 months crt.sh
prebid.media.net
GTS CA 1D4
2023-12-24 -
2024-03-23
3 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01
2023-07-17 -
2024-08-14
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
*.yellowblue.io
Amazon RSA 2048 M01
2023-03-24 -
2024-04-21
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2023-12-07 -
2025-01-07
a year crt.sh
*.kueezrtb.com
Sectigo RSA Domain Validation Secure Server CA
2023-08-17 -
2024-09-14
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
report2.hb.brainlyads.com
R3
2023-12-21 -
2024-03-20
3 months crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02
2023-06-13 -
2024-07-11
a year crt.sh
0cf.io
Cloudflare Inc ECC CA-3
2023-12-26 -
2024-12-25
a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
*.lijit.com
Amazon RSA 2048 M02
2023-11-21 -
2024-12-19
a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01
2023-04-04 -
2024-05-02
a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3
2023-03-16 -
2024-03-15
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-08-15 -
2024-09-15
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-12-26 -
2024-06-19
6 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01
2023-04-29 -
2024-05-27
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-29 -
2024-02-21
6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2023-12-01 -
2025-01-01
a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02
2023-12-18 -
2025-01-16
a year crt.sh
dblks.net
GTS CA 1P5
2023-12-19 -
2024-03-18
3 months crt.sh

This page contains 114 frames:

Primary Page: https://go.reference.com/
Frame ID: 65C155A7C690EA6BBDF8D13941414BBF
Requests: 151 HTTP requests in this frame

Frame: https://ask-media-group-d.openx.net/w/1.0/pd
Frame ID: 2E44E8951868E559C6C4A99ACCB5E32D
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 45009F43304B5722C61D0DF6CBCCD887
Requests: 1 HTTP requests in this frame

Frame: https://sync.kueezrtb.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 77E327E017BCABC7BB6D5F8AE53BB2EF
Requests: 1 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/sync?type=iframe
Frame ID: 72C5CB80AA7BCD74F8B8CBCFB8955D8B
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Frame ID: F054AD2CE6E41525FBE1C3CF042762E2
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=163714
Frame ID: A6D2CABECAFCA99278D7A54516E1F417
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bZnMmSbVGr7R8XrkHcnlKl&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: 9891E34D421F896A9BBFF10B2A4D0AFC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3A37C454F63FA89003DF604A58758820
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2E75370959ACCA5DDE9621B1CCC6E1D0
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 20E2C9BDA2DBC9B1B2FD88BCB9122456
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUFXJ2G5&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 214F9421A6468D01116B9043953D96E1
Requests: 1 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: E47673176516F86475F7410EDA5D2D1A
Requests: 1 HTTP requests in this frame

Frame: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Frame ID: AA6FF602EE07C5B47086A77B6778E32B
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Frame ID: 736808391F2487E5B2B9D588086FDB31
Requests: 1 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
Frame ID: C7A430672552392E0B6BD9F09AD10527
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=6241680270365964486
Frame ID: 1B10A5CEFC91DDC5544FCAED73ADFDCE
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=00b9d0ef-cdf3-4958-b731-562f8da30b68
Frame ID: 2275130C3BF2FFAB6D5890BA6A9A8A8B
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZZjPq0UqzPfZbB8OJFI9vgAA&5199
Frame ID: 4B79D4F49FA944BB546AE7517346372B
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=e09056bf-75fa-4fad-b8b8-f9ecd331dd94
Frame ID: 3058A8174FA54DE58C75EC06848F0171
Requests: 1 HTTP requests in this frame

Frame: https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D
Frame ID: 76A994A3B3D3D27D051D0D798BAEAE58
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%23PMUID
Frame ID: 41F06EC596DA9C8BD4DA98E3A07BACE0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Frame ID: E735A00758D97F93C1215B5235803227
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: 4638CAD26D1CB360C3F005B9BB5F742E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: B117224B3F3890F158F559986574ACB5
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: DE228C6F57CA31AE2BDB2D6D63AFAB38
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 9F2EC179C59925D08BD222E3B7450324
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Frame ID: B9A77E2241AE3E7BA8D8A3590DA07B27
Requests: 1 HTTP requests in this frame

Frame: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D10%26uid%3D
Frame ID: 27669AF3F8A35A7603601BF5D7058A04
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Frame ID: FC2AEA5DC7616DF17A879950CF4B003F
Requests: 11 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 37325FFE03761A55C54C2B72229A040B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D19%26uid%3D%24%7BUID%7D
Frame ID: 56ADA68BDB9B2BF332C43E4E179BC34E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D25%26uid%3D%24UID
Frame ID: FD7A6B4955BD688D862A83F718FBA496
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D26%26uid%3D%5BUID%5D
Frame ID: D2D31863EE03BE92AAE01F120B1227A6
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: FE7EB39E528C8E435947089A72D1A2D8
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58448/occ?uid=2164baaad84325477%26uid%3D
Frame ID: FADD89EB37FB5424546DA21DBCE02683
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: E29CEF61BD70913BD08DA556F65F041E
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Frame ID: 686B561A4040B52662A8035CA9C5BABB
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D1%26uid%3D33XUSERID33X
Frame ID: FEE7F9F1BFF146FEED52E1B5D0369ACF
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID
Frame ID: 8FD51736882AA229C2D68537DF602E99
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 46E1BC25ACF64545301D2966BFB13EE5
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=Uj448boa
Frame ID: 870ED1E57BF281B43249F0E48D2BD2C2
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 7143C59308265FC50FC04E18144036A4
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/ps/?dbid=2164baaad843254
Frame ID: 1A9299602951D35641CC7546ECD59A3C
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 45D0E02B0CF6FECB88E16D277061D0B0
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 0881F72A9F02B4C189EB47BE015E6565
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=6880871995993698701&gdpr=0&gdpr_consent=0
Frame ID: F4B011D8E3F2CF4728BE654EB55D1280
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wNGY4MGU0YS1iOTM4LTRiOTMtOTkwNy05YzIzODY5ZjhiNmQ=&gdpr=0&gdpr_consent=0&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 48A88F05CBF803D768C5C97E1668C868
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Frame ID: 231EA0E61BD7745F90CAD36299A81FC9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0
Frame ID: 0202745B4A2B2CC229F861343F0B956D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZZjPrMCo5sAAAAfQgYwAAAAA
Frame ID: 3253DAC5B867AC930DBD49429DE2AACB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=x4RqQwkmpMLLbvxCirlf5iVesk90GM5lrw6tdgrRUJY&pi=gumgum&tc=1
Frame ID: B01EE4E0729CE0884240484CE31A74A1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 35F3F85AECE1A746FFE953A60D4BFEF3
Requests: 3 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: C466C0BE35BAE4CEC33F63AFB0819D1B
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Frame ID: 72CEC0A4A11356BA9C5FAB70AEA84C4A
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: D2F2C148D630651E2205BB6E4C108B17
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Frame ID: 3D0F282173CDB7D578D37A6560989C4B
Requests: 1 HTTP requests in this frame

Frame: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D10%26uid%3D
Frame ID: 2040FD1C9011A2018E949F9E5FA6CFB4
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Frame ID: 788F5195AE034CAD224A4E3FDC5629F2
Requests: 10 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: F12B1335C3989F74D4E582093EDB03BA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D19%26uid%3D%24%7BUID%7D
Frame ID: 26338D35A02DF9746998619CA7A76B76
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D25%26uid%3D%24UID
Frame ID: C10418F9F614D0344EA1CA58480A6303
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D26%26uid%3D%5BUID%5D
Frame ID: 22F6080A04F920FD22886913760ED683
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: D88BA1D8A23A54914705CAE394DF3C8D
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58448/occ?uid=2164baaad84325477%26uid%3D
Frame ID: 9879A0CE8C8928580AB4F3359483A120
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 130D86BE3C07483195F8FA000BCFF192
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Frame ID: D2159968D0E3E7A60EFD29E05D148630
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D1%26uid%3D33XUSERID33X
Frame ID: 411A5DF1C15E2C654AE03DDCFB86B0A8
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID
Frame ID: 3AC62A4C403E413316A5057EF486C2B7
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: CCDF28D56ED27E80C5E4D79E8AAF3C79
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=Uj448boa
Frame ID: 4FB43661F1B3A63B42A333706B7917C2
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: FFBC7E44658DFBAD8AC079A56AAD1641
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/ps/?dbid=2164baaad843254
Frame ID: 0636DF1AE82A9FB6F07F77F012B087EC
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 4977AC93461D7D0A311AEC68F271AFF6
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 89810F1FEE5BA31C178358EA4E72293A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=3600685581935743263&gdpr=0&gdpr_consent=0
Frame ID: DD8B8A8F396FCE4F877454063B03E573
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wNGY4MGU0YS1iOTM4LTRiOTMtOTkwNy05YzIzODY5ZjhiNmQ=&gdpr=0&gdpr_consent=0&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: F801A910AA553D212F98232ED5A059FC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Frame ID: D9A4A07B3372D7F6A8B2F05E6C317B08
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0
Frame ID: 8EA7F633C2F28D8F111172911DEB45F2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZZjPrMCo5ukAAG3xuHMAAAAA
Frame ID: 9E58834A325A7F024D03CE5548CA40AF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=uHaivwvLBJ5YPIj1n0ONwgiu9hEkT8HIrk0y2_36kRA&pi=gumgum&tc=1
Frame ID: 3EB70D994D5AEF1501631061B9859511
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: AD40EC87F3B6B995A4454BEAC27A5F4B
Requests: 3 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 3C50A77873D51516EA452B90CBFE252C
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D76%26uid%3D%24UID
Frame ID: ED97556E96DB7AA0BBBBF770C2158121
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Frame ID: 317D0133872F414A6CC6FAF387B81A78
Requests: 1 HTTP requests in this frame

Frame: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D10%26uid%3D
Frame ID: F3844EF7758D977CD70058547DFB682F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Frame ID: 4894A8FB874E28BCA26A5AC7DE7AE703
Requests: 10 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D74%26uid%3D
Frame ID: 4DF1C8C39AAB94CA6CD17603CCE0D43C
Requests: 1 HTTP requests in this frame

Frame: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D19%26uid%3D%24%7BUID%7D
Frame ID: 136507055CCC06ABF79193F1DE48A3C1
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D25%26uid%3D%24UID
Frame ID: 2B5FD2BE5CB6ABDFEECC8B4803CDB23C
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D26%26uid%3D%5BUID%5D
Frame ID: 95D8776352DA6A8466335FA5224DBCD5
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=459972833
Frame ID: 4A8C46E5119D0EBA1683828F2B0FA0C1
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58448/occ?uid=2164baaad84325477%26uid%3D
Frame ID: 6EFB34BCC53D7C356F4C16A30C3B7EFF
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D81%26uid%3D
Frame ID: 11AA34B51C3839682157094A7B419B21
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Frame ID: 6323A4497DE194119C3FD9F12EE55341
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D1%26uid%3D33XUSERID33X
Frame ID: CE0CE9CC67D8DBBB8C505121622750C0
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID
Frame ID: 85EFEDDDA887697B12462FCD7FEF8D4D
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D21%26uid%3D%25%25VGUID%25%25
Frame ID: 452886A15EC326E0F9A8142C723EF649
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=Uj448boa
Frame ID: 711B7C6DF241186E2359D7C72362F003
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D82%26uid%3D%5Bssb_sync_pid%5D
Frame ID: BFF8F905FE490394971D5EFA6B18EA4F
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/ps/?dbid=2164baaad843254
Frame ID: 764714CE42E57F13A0761F30BAD46839
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D61%26uid%3D%5BMM_UUID%5D
Frame ID: 2A9E2EF855101FC464C0DA5156A30440
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D88%26uid%3D%3Cvsid%3E
Frame ID: 8E9C9149F077109682177931166321DB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=3600685581935743263&gdpr=0&gdpr_consent=0
Frame ID: 6AA8C050D9F3588FF90F1EA1E8CCEE11
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wNGY4MGU0YS1iOTM4LTRiOTMtOTkwNy05YzIzODY5ZjhiNmQ=&gdpr=0&gdpr_consent=0&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 4F5C6C6102BA6B0EDF4F839794D9B23E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Frame ID: D45C8DC6863726615F6CF5C97655BFA1
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0
Frame ID: 67FF392188EEB48A88E1073AF88A5C38
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZZjPrMCo5swAAPrP1iIAAAAA
Frame ID: 1BBDDD0BA0F8EAB4411894A37BF36CA2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=uHaivwvLBJ5YPIj1n0ONwgiu9hEkT8HIrk0y2_36kRA&pi=gumgum
Frame ID: FB76F89772FA6BAA7FD3702F4A94DDCC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 65D66F859C247848C9B7E8912ADD92F8
Requests: 3 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Frame ID: F9C6B33F6099598AA163A7C1B120188A
Requests: 1 HTTP requests in this frame

Frame: https://dblksync.dblks.net/dblksync/
Frame ID: 2717DC0CFF3533D9669F2D1BF31B2028
Requests: 1 HTTP requests in this frame

Frame: https://dblksync.dblks.net/dblksync/
Frame ID: DBB56C89A0BE056797F15FB975299103
Requests: 1 HTTP requests in this frame

Frame: https://dblksync.dblks.net/dblksync/
Frame ID: 35BBBA24A230805FAB758C9EC508F308
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

ReferenceBack ButtonFilter Button

Page URL History Show full URLs

  1. http://go.reference.com/ HTTP 301
    https://go.reference.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

318
Requests

89 %
HTTPS

29 %
IPv6

73
Domains

114
Subdomains

86
IPs

12
Countries

7184 kB
Transfer

11927 kB
Size

64
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://go.reference.com/ HTTP 301
    https://go.reference.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 162
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=fb2d1f27-d30e-4875-bd33-cbe720e6a157&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=UURacVZNLWRnREtJS19ad2haLTVKUQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEB2_32kKVej-Ho7M55JOglU&google_cver=1
Request Chain 168
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
Request Chain 169
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcookies.nextmillmedia.com%252Fsetuid%253Fbidder%253Dappnexus%2526nmuid%253D%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526uid%253D%2524UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=6241680270365964486 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=6241680270365964486
Request Chain 170
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=grid&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=00b9d0ef-cdf3-4958-b731-562f8da30b68 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=00b9d0ef-cdf3-4958-b731-562f8da30b68
Request Chain 171
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fgpp%3D%257B%257B.GPP%257D%257D%26bidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D&gdpr=&gdpr_consent=&gpp=%7B%7B.GPP%7D%7D&gppsid=%7B%7B.GPPSID%7D%7D&s=194962&us_privacy=&C=1 HTTP 302
  • https://cookies.nextmillmedia.com/setuid?gpp=%7B%7B.GPP%7D%7D&bidder=ix&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=ZZjPq0UqzPfZbB8OJFI9vgAA%265199 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZZjPq0UqzPfZbB8OJFI9vgAA&5199
Request Chain 172
  • https://csync.loopme.me/?pubid=11364&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D HTTP 307
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=e09056bf-75fa-4fad-b8b8-f9ecd331dd94&gdpr_consent=null&gdpr=null HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=e09056bf-75fa-4fad-b8b8-f9ecd331dd94
Request Chain 175
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Request Chain 179
  • https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj HTTP 302
  • https://ib.adnxs.com/getuidj
Request Chain 180
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D76%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D76%26uid%3D%24UID HTTP 302
  • https://s.0cf.io/
Request Chain 186
  • https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D74%26uid%3D HTTP 302
  • https://s.0cf.io/
Request Chain 190
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1704513451673 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5666793734 HTTP 302
  • https://sync.1rx.io/usersync/turn/7002654825162653195?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-32fa614d-2a1d-4521-b76c-b84aa0a674a5-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D22%26uid%3DRX-32fa614d-2a1d-4521-b76c-b84aa0a674a5-003 HTTP 302
  • https://s.0cf.io/
Request Chain 192
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D81%26uid%3D HTTP 302
  • https://s.0cf.io/
Request Chain 197
  • https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://s.0cf.io/
Request Chain 199
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://s.0cf.io/
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=datablocks_inc&google_hm=2164baaad843254&dbid=2164baaad843254 HTTP 302
  • https://s.0cf.io/ps/?dbid=2164baaad843254
Request Chain 201
  • https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP 302
  • https://s.0cf.io/
Request Chain 202
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D88%26uid%3D%3Cvsid%3E HTTP 302
  • https://s.0cf.io/
Request Chain 204
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6241680270365964486
Request Chain 205
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_04f80e4a-b938-4b93-9907-9c23869f8b6d&gdpr=0&gdpr_consent=0&us_privacy= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=00b9d0ef-cdf3-4958-b731-562f8da30b68&gdpr=0&gdpr_consent=0&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=0&user_group=0&user_id=&ssp=gumgum2&bsw_param=00b9d0ef-cdf3-4958-b731-562f8da30b68
Request Chain 206
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=ddab835f-76c6-4b07-b58d-5ebbce6fd516&gdpr=0&gdpr_consent=0
Request Chain 207
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d5c470bd-3156-5bab-7650-933f58eef2af$ip$193.32.248.212
Request Chain 209
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=4d5e7385-4b88-4178-8e68-480db3577b86
Request Chain 211
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_04f80e4a-b938-4b93-9907-9c23869f8b6d&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Request Chain 212
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=mIOyCSO6jsys&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 213
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6502715438851894600
Request Chain 214
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=6880871995993698701&gdpr=0&gdpr_consent=0
Request Chain 218
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZjPrMCo5sAAAAfQgYwAAAAA
Request Chain 219
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=x4RqQwkmpMLLbvxCirlf5iVesk90GM5lrw6tdgrRUJY&pi=gumgum&tc=1
Request Chain 220
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 224
  • https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj HTTP 302
  • https://ib.adnxs.com/getuidj
Request Chain 225
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D76%26uid%3D%24UID HTTP 302
  • https://s.0cf.io/
Request Chain 231
  • https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D74%26uid%3D HTTP 302
  • https://s.0cf.io/
Request Chain 235
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1728500877 HTTP 302
  • https://sync.1rx.io/usersync/turn/3976517350546390539?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-32fa614d-2a1d-4521-b76c-b84aa0a674a5-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D22%26uid%3DRX-32fa614d-2a1d-4521-b76c-b84aa0a674a5-003 HTTP 302
  • https://s.0cf.io/
Request Chain 237
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D81%26uid%3D HTTP 302
  • https://s.0cf.io/
Request Chain 242
  • https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://s.0cf.io/
Request Chain 244
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://s.0cf.io/
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=datablocks_inc&google_hm=2164baaad843254&dbid=2164baaad843254 HTTP 302
  • https://s.0cf.io/ps/?dbid=2164baaad843254
Request Chain 246
  • https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP 302
  • https://s.0cf.io/
Request Chain 247
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D88%26uid%3D%3Cvsid%3E HTTP 302
  • https://s.0cf.io/
Request Chain 249
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6241680270365964486
Request Chain 250
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_04f80e4a-b938-4b93-9907-9c23869f8b6d&gdpr=0&gdpr_consent=0&us_privacy= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
Request Chain 251
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=ddab835f-76c6-4b07-b58d-5ebbce6fd516&gdpr=0&gdpr_consent=0
Request Chain 252
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d5c470bd-3156-5bab-7650-933f58eef2af$ip$193.32.248.212
Request Chain 254
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=15ff2319-7f3f-4591-bbd9-6f9f40671337
Request Chain 256
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_04f80e4a-b938-4b93-9907-9c23869f8b6d&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Request Chain 257
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8485525874604977624
Request Chain 258
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=3600685581935743263&gdpr=0&gdpr_consent=0
Request Chain 262
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZjPrMCo5ukAAG3xuHMAAAAA
Request Chain 263
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=uHaivwvLBJ5YPIj1n0ONwgiu9hEkT8HIrk0y2_36kRA&pi=gumgum&tc=1
Request Chain 264
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 267
  • https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj HTTP 302
  • https://ib.adnxs.com/getuidj
Request Chain 278
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=459972833
Request Chain 288
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=datablocks_inc&google_hm=2164baaad843254&dbid=2164baaad843254 HTTP 302
  • https://s.0cf.io/ps/?dbid=2164baaad843254
Request Chain 291
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6241680270365964486
Request Chain 292
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_04f80e4a-b938-4b93-9907-9c23869f8b6d&gdpr=0&gdpr_consent=0&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=00b9d0ef-cdf3-4958-b731-562f8da30b68 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=00b9d0ef-cdf3-4958-b731-562f8da30b68 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a5e28a07-3f27-4287-8a1c-805dc1377fc7&user_group=1&ssp=gumgum2&bsw_param=00b9d0ef-cdf3-4958-b731-562f8da30b68
Request Chain 293
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=ddab835f-76c6-4b07-b58d-5ebbce6fd516&gdpr=0&gdpr_consent=0
Request Chain 294
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d5c470bd-3156-5bab-7650-933f58eef2af$ip$193.32.248.212
Request Chain 296
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=d193aa07-8faa-4e98-949f-2865561e19a1
Request Chain 298
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_04f80e4a-b938-4b93-9907-9c23869f8b6d&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Request Chain 299
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6502715438851894600
Request Chain 300
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=3600685581935743263&gdpr=0&gdpr_consent=0
Request Chain 304
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZjPrMCo5swAAPrP1iIAAAAA
Request Chain 305
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=uHaivwvLBJ5YPIj1n0ONwgiu9hEkT8HIrk0y2_36kRA&pi=gumgum
Request Chain 306
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum

318 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
go.reference.com/
Redirect Chain
  • http://go.reference.com/
  • https://go.reference.com/
179 KB
30 KB
Document
General
Full URL
https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
75e4299df364d12098a40fe5ec56e6d1fc67a2f896f8e27a5d1240762e74f4c3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 06 Jan 2024 03:57:28 GMT
etag
"2ca67-MEv8E6j8BBJaL6F8qyCXRGVNgoU"
server
nginx/1.20.1
server-timing
total;dur=70;desc="Nuxt Server Time"
vary
Accept-Encoding
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-id
4B082D8z5Pri94naN9VO6LTVkC3-8NE5dlGmwGpia4a8yzKT0T4vBQ==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
x-proxy-cache
MISS

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Sat, 06 Jan 2024 03:57:27 GMT
Location
https://go.reference.com/
Server
CloudFront
Via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
FxqgWYtahiMUQare01ibPzU_mH4GZUmvlCicbszGKiwD_x-bgTDXVA==
X-Amz-Cf-Pop
FRA53-C1
X-Cache
Redirect from cloudfront
script.js
cadmus.script.ac/d34r0d5k7jlda2/
130 KB
45 KB
Script
General
Full URL
https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9e51f61bafe255a4ef3d409d9aeb0631b4602d9cc5ab0e0e78eadf80cf60286

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
gzip
last-modified
Fri, 05 Jan 2024 17:59:17 GMT
server
cloudflare
age
0
etag
W/"71732e94ad9af046ee31e8ba0030ded08f3b93cb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
8411097b38fdaca7-TXL
adgarden.js
adgarden.market/js/
7 KB
8 KB
Script
General
Full URL
https://adgarden.market/js/adgarden.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3600:3:6d3c:dac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
56939e06ab2cb38895d26a98e53f13e4fa8507be612ac0d2537b7f1c68988087
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
strict-transport-security
max-age=15768000
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified
Fri, 15 Dec 2023 17:57:57 GMT
server
nginx/1.20.2
x-amz-cf-pop
FRA56-P5
etag
W/"1dc4-657c93a5.108651eb"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
7620
x-amz-cf-id
sCZTa6hb8NujMd9v5sO3IfwZbyE6Tgl1vFGLhklfRCHA8DEHf8hDzw==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
FWT01iLvZ++xUAz3aesSug==
age
69496
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 21:06:28 GMT
server
cloudflare
etag
0x8DC0D69051ECA4A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cdf020d4-701e-0068-5a84-3f5f13000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8411097b2a5358ea-TXL
cc780d1.js
go.reference.com/_nuxt/
4 KB
3 KB
Script
General
Full URL
https://go.reference.com/_nuxt/cc780d1.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
8c0d3228be4abb1a4da59f6043369b9ab3689bd7c5ef180743fe2b31be76fc63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:22:52 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:56 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
174876
etag
W/"fd3-18cd21bf31d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
bsSoaeawKEtnzO_XKAO1safmyJUQCGFbPliNBVjE_5ELpLDc0CVsWw==
x-proxy-cache
HIT
4fa4106.js
go.reference.com/_nuxt/
191 KB
66 KB
Script
General
Full URL
https://go.reference.com/_nuxt/4fa4106.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
03ef31ff26a973db8d113e2874fa7c93f8f327813c15cd25af3807c4d2fd8058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:22:52 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:56 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
174876
etag
W/"2fa64-18cd21bf31d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
5lVRKnBHQdQmQubAguDgSYg-di7Pwdy3rDFkaIfpbE9nhgnvZo9-kw==
x-proxy-cache
HIT
b33633d.js
go.reference.com/_nuxt/
401 KB
105 KB
Script
General
Full URL
https://go.reference.com/_nuxt/b33633d.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
a76a44122979efa2aaca191cd8e399ea1e4fb075279df14a0cce85438ac20bae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:22:52 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:56 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
174876
etag
W/"6439f-18cd21bf31d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
O_tt18NQfqqzxK9s6FfBKgxW8AHOaCAyUE9_UMC_ke8nz-E_Pq20lQ==
x-proxy-cache
HIT
cd7ae78.js
go.reference.com/_nuxt/
126 KB
36 KB
Script
General
Full URL
https://go.reference.com/_nuxt/cd7ae78.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
53624e034782b3925dddb799566379791a82563b9ac24fb45e3cea7d5f80946b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:22:52 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:56 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
174876
etag
W/"1f6b8-18cd21bf31d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
SmoRhuHyyG7z57jennAqG1RxHa9VI5SmHYHrp2m2D0n2VxeMsnTTIQ==
x-proxy-cache
HIT
09ec2bd.js
go.reference.com/_nuxt/
7 KB
3 KB
Script
General
Full URL
https://go.reference.com/_nuxt/09ec2bd.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
a146d5aa256e147ca24a08768d0fa4b55dcd6d88b9b64cb9e331c1977ad985e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:48:08 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:56 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
173360
etag
W/"1a75-18cd21bf31d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
dNR0-rpnlVUWukuLQ9OUJfeYxYA5PC2tdcfmiCNMmYa0NNxAnKnAiw==
x-proxy-cache
MISS
541fabd.js
go.reference.com/_nuxt/
15 KB
6 KB
Script
General
Full URL
https://go.reference.com/_nuxt/541fabd.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
74670299daa23699978132210d004c876acd892133e60aa9221599cb578af069

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:22:56 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:19 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
174872
etag
W/"3d7a-18cd21b6397"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
TFS6OoxVBvdNnPy0kehsaY6kQFdi6z9H3_xAGBTaUWCf6e95JM-c8w==
x-proxy-cache
MISS
6e2a157.js
go.reference.com/_nuxt/
2 KB
1 KB
Script
General
Full URL
https://go.reference.com/_nuxt/6e2a157.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
54579700dc29a4e3c35e620a28f6a5c3f20d6c98c58639d37be24d4b202b815e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:48:08 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:56 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
173360
etag
W/"627-18cd21bf325"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
rzMgLhCDUgXA3cAdh0YZ7tOBTiTDwxZW0GFJMSDD8AC9xDNVcjviPA==
x-proxy-cache
MISS
2ca9d1e.js
go.reference.com/_nuxt/
19 KB
6 KB
Script
General
Full URL
https://go.reference.com/_nuxt/2ca9d1e.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
71f7a5b6446504c72e00f71977d8480fdae99b6f0e96cd25c90ea6c33c55dde8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:48:08 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:56 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
173360
etag
W/"4c2e-18cd21bf321"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
99KBi1kntQeN8CSQ9OoHxERBD43jO91GIjLscVIxQZkFhbt_3XKM5w==
x-proxy-cache
MISS
6b0a68b.js
go.reference.com/_nuxt/
19 KB
6 KB
Script
General
Full URL
https://go.reference.com/_nuxt/6b0a68b.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
279540792670cb145b13fe4de17eb117a35aa237e5af9833e83504350ed72341

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:48:08 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:56 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
173360
etag
W/"4b06-18cd21bf321"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
FvaZzD_D0bhAMe8rHEKToiJ2bHq3UtSAsIiXQjdnhn8mQ3vXjIUCTA==
x-proxy-cache
MISS
7c13e8c.js
go.reference.com/_nuxt/
6 KB
3 KB
Script
General
Full URL
https://go.reference.com/_nuxt/7c13e8c.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
deff08124b439bd4b16ee4437210ffe66621ec6a8cad0a49fb9eab779cbac99f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:48:08 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:56 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
173360
etag
W/"16ea-18cd21bf31d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
02UIUkG-R55ubF6vM-dD_lEXYPNkRntTMKYx0mDo1Mn9DSJIJ53HEw==
x-proxy-cache
MISS
2678799.js
go.reference.com/_nuxt/
19 KB
6 KB
Script
General
Full URL
https://go.reference.com/_nuxt/2678799.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
fa78aff1e5c7b84208f4b879f5cbc42427677fc6272287648162029640beda40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:48:08 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:56 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
173360
etag
W/"4bce-18cd21bf321"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
OkpZrTyRYwgsPBcsqYvwH9ws_NjNVPVIf40AG0gzWvzBPm9zllCp6A==
x-proxy-cache
MISS
6ea09ed.js
go.reference.com/_nuxt/
3 KB
2 KB
Script
General
Full URL
https://go.reference.com/_nuxt/6ea09ed.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
7c7605424b0c46f1e644cc0b794ddf92a7275f67d1d59a7480c7f318fc26c970

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:48:08 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:56 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
173360
etag
W/"ae2-18cd21bf321"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
1cTttDdzeQnNPvpcp3zHzzzz0QmXFOzumhSWtQooUiJim_pmnLmSZw==
x-proxy-cache
MISS
dc62f10.js
go.reference.com/_nuxt/
7 KB
3 KB
Script
General
Full URL
https://go.reference.com/_nuxt/dc62f10.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
89c9536b57c05759c2793f73085a0db086e2f6d7f14c59421a6129ede9928f67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:48:08 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:56 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
173360
etag
W/"1ac4-18cd21bf321"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
VEsqGel0nt_btd4oto8fnvNiCWwTkdqLYwKt9_YjwCu4aRZk3LCAcw==
x-proxy-cache
MISS
5f2c2c1.js
go.reference.com/_nuxt/
2 KB
2 KB
Script
General
Full URL
https://go.reference.com/_nuxt/5f2c2c1.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
d01ce99874720d69770b536b48a19df5666b5c72df23eeb804ec4b4ff9e65999

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:22:52 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:56 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
174876
etag
W/"9ba-18cd21bf325"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
zWCsCWqGblJge2eKbwh6Ya_AdbalYx4XfchFRIaekU1nODuuT2fm9A==
x-proxy-cache
HIT
baf91bc.js
go.reference.com/_nuxt/
7 KB
3 KB
Script
General
Full URL
https://go.reference.com/_nuxt/baf91bc.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
57ad84e54bfb9323e46905c2cfcc0fbed505e3139080160c3e2fc019e1091c94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:48:08 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:56 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
173360
etag
W/"1bd3-18cd21bf31d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
t3XUnQ2nJZD0W5t6xr1bDY6_LXbk9_cBkrU09kHYS_jC_NsCUfPBeQ==
x-proxy-cache
HIT
4ade9d2.js
go.reference.com/_nuxt/
5 KB
3 KB
Script
General
Full URL
https://go.reference.com/_nuxt/4ade9d2.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
14e417ff1eae7ddb33c0a2b75c5d0fa5f1b1d1b7e4d22009b75370178860c83a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:48:08 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:56 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
173360
etag
W/"139a-18cd21bf31d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
6X8x0_VUx-ifJxC_QNdxp4j0SVAIUAgk4X7kMJMWTS1_4pkUQ0xQhg==
x-proxy-cache
HIT
reference.e5b43a5.png
go.reference.com/_nuxt/img/
21 KB
22 KB
Image
General
Full URL
https://go.reference.com/_nuxt/img/reference.e5b43a5.png
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
dfbd71a5a027bc33e862e8a0bbfacf51cf3eac7dcd0baebfe82c584d3e3da281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 02:00:53 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:19 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
179795
etag
W/"53d0-18cd21b6393"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
21456
x-amz-cf-id
Ajfz_ajfssE2ss2md5FX7orBwQogsPL2FbOvBzaKiP3i0QdgwpkCTg==
x-proxy-cache
HIT
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://go.reference.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 06 Jan 2024 03:57:28 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/
0
104 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
8e7e0ed9-a705-4981-a740-569e3f7871ee.json
cdn.cookielaw.org/consent/8e7e0ed9-a705-4981-a740-569e3f7871ee/
5 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/8e7e0ed9-a705-4981-a740-569e3f7871ee/8e7e0ed9-a705-4981-a740-569e3f7871ee.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc1d292cf7cd44b97a504cd2efbb51fbb370eb8614487b90b1aaf1e4437d4e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
sqTFj3yNLSTFA3BYM3oHuQ==
content-length
1845
x-ms-lease-status
unlocked
last-modified
Mon, 18 Dec 2023 15:36:36 GMT
server
cloudflare
etag
0x8DBFFDF1F106971
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
feb11f51-d01e-004e-46c8-31170b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8411097c0996aca7-TXL
expires
Sun, 07 Jan 2024 03:57:28 GMT
91588f9ee5c294d344df4b0dcaa1ac22.svg
go.reference.com/_nuxt/
14 KB
7 KB
Other
General
Full URL
https://go.reference.com/_nuxt/91588f9ee5c294d344df4b0dcaa1ac22.svg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
34246fca390db5a6e53a827dd31c29963a0e96b1a13aef99fb58f5ad30c5c261

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:51:11 GMT
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 01:34:19 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
180377
etag
W/"39b5-18cd21b6393"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
1JZQpLsZe7Nf9F4F5A8FdhqLQ4YOVfwABkFeuLYpEIEGws_aFRy1_A==
x-proxy-cache
MISS
K8SvkBkNRQzGECxFf
k8svkbknrqzgecxff.ay.delivery/manager/
169 KB
14 KB
Script
General
Full URL
https://k8svkbknrqzgecxff.ay.delivery/manager/K8SvkBkNRQzGECxFf
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af79ac2b5e926d361973f4c7d4d271ddc3d37d72ef69e6ddbb8b8444cc7ae039

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"cdc950d679eb4850bdaf1238"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wu2Fmu34prIgItfaIg4goVkpga0qs609T8YJrAA7GTo%2FHaJ%2BUgdmug4zpXIWJgjgiCV7Fo8n3rDMUivXbbaizDYy3zevg0Ii78a5Bqpe7GB0NyNXc9vooG9xawoPyNoq1yoKKSeUNPgFPH4RtHoQ4lRrsHB6XfGTBfw5GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
cf-ray
8411097d2d866630-AMS
link
<https://securepubads.g.doubleclick.net/tag/js/gpt.js>; rel=preload; as=script, <https://K8SvkBkNRQzGECxFf.ay.delivery/manager-script/yield-manager-script-v2.2.16-prod>; rel=preload; as=script, <https://c.amazon-adsystem.com/aax2/apstag.js>; rel=preload; as=script, <https://K8SvkBkNRQzGECxFf.ay.delivery/manager-script/K8SvkBkNRQzGECxFf.deploy?v=3x4B7QenwA7pjmAKN>; rel=preload; as=script
alt-svc
h3=":443"; ma=86400
vwpt.js
static.vidazoo.com/basev/
229 KB
56 KB
Script
General
Full URL
https://static.vidazoo.com/basev/vwpt.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:751 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e605414c5d690913c053ec344fd3fd58b19ecd5f111fb05e4e912bc52a77fa66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
FYK9C5AE9F0Z392J
age
6694
x-amz-server-side-encryption
AES256
content-length
56429
x-amz-id-2
067WgrQU5db2illwymlJ7atxaQdMorRuXVWUX5PuqsRWQJ0E9Gx93En/SztSVSlVQittdORRyDw=
last-modified
Tue, 07 Nov 2023 11:26:12 GMT
server
cloudflare
etag
"576a1e0bb56226dbd3a2a239a03e01ae"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8411097d1f6d44f8-TXL
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Sun, 07 Jan 2024 03:57:28 GMT
latest.js
static.kueezrtb.com/
439 B
761 B
Script
General
Full URL
https://static.kueezrtb.com/latest.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fbee40d848d6df79b375ca87bdb53f4e97bfb3c6dc2a1d03cb8fd74a395eca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
VSGYE324H247SDW9
age
500067
x-amz-id-2
gvIvZJXlWux8FizpZ1GJpItInnODQ0lP8+UXOdryGHQzPXkg3NZJdK2ALhxsFDpmxUzEWK56jdU=
last-modified
Sun, 08 Oct 2023 15:41:30 GMT
server
cloudflare
etag
W/"f89c5fc5dc377ecc028df3e7a69bce1d"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
cache-control
max-age=31536000
cf-ray
8411097c6b6d71c4-FRA
Maldives-v3-1.jpg
cdn.posts.market/content/images/2023/08/
184 KB
184 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Maldives-v3-1.jpg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
563439a9e9bb0dad3b4d41eda3098615b021371f3551ff6255a20e355503e812

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
187911
last-modified
Tue, 15 Aug 2023 21:45:25 GMT
server
cloudflare
etag
W/"2de07-189fb292862"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSm36W%2Fm1xT2BCvO6co1Q6s1xSawn%2B3DZBaSZ6i0da4F3Ud6kPAXh9wvPiA0Sw7vFeF781AntIE%2FWw6229ZXirDxVDm5XWNMsGI%2FlQgkLkTusf%2BEhS2DcZnzWualYbSq5uFJl0eCS7SFYv1ozV3a"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d4f76364d-FRA
x-amz-cf-id
JGjOC5Db4N1jKQudh3KXWRwLa0sjRMQMPV55OOCya9r_AIkVbDg2iA==
x-proxy-cache
MISS
Venice--Italy-1.jpg
cdn.posts.market/content/images/2023/08/
187 KB
187 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Venice--Italy-1.jpg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
18d46aa15525e75f9d27d0b3d4efcc8ef99e530984651d8766249682c18d30bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
191220
last-modified
Wed, 16 Aug 2023 00:01:21 GMT
server
cloudflare
etag
W/"2eaf4-189fba59a91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3zMewciHGQZ4Dj%2FGPVEmfoBgTWrZGrEwJVuY%2Fnyrb5Tk8EKZBll2pTB%2Fbd5gY0v4KYY1cck8uV2fgLKQBgaIutkRl5Mr0geO2Me3rAFw7cOFH4QDLp7V7x6C6NsfAkBSSR9SR17bC2t5HfgsI63"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d4f73364d-FRA
x-amz-cf-id
zdc3A_ElbVhS44jSiIxsuF5tzJOY2wF_dZZawgXxQ2xvUUqtOYaH1w==
x-proxy-cache
MISS
Banff-Canada-1.jpg
cdn.posts.market/content/images/2023/08/
167 KB
167 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Banff-Canada-1.jpg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4976b54e7ea72aa3991edcff214781c018be382b1e94cdfdcaa3e29c7d287975

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 602c4232f2a46df23c54a6eec1d7e048.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
170585
last-modified
Tue, 15 Aug 2023 23:50:29 GMT
server
cloudflare
etag
W/"29a59-189fb9ba694"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YX96wrl3Eh46LTC4n9woFCCbiecLqUku34%2FZLZDK9cpcX%2Bw1hP5hlKAA4jMNetbYN3HdoYK4UUuQvXVOIh0EyQSofTTKOLFbDuZsNdjl7ZRiMzhziAu6LznOzgaoJnjRHgjIi1A53XJ5YHpPkBIu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d4f74364d-FRA
x-amz-cf-id
kf1ZopM4yl7o8HajlOdEFEr1lcl03I68dNd38psnJnOceyFup2_F5g==
x-proxy-cache
MISS
Tuscany-Italy-1.jpg
cdn.posts.market/content/images/2023/08/
129 KB
129 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Tuscany-Italy-1.jpg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ca38ec443ae3c304531de562c46634ba2dc46d7d8ea510cc5e9462d48e6c5ade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 054609fe51831eb8825d39133f1a4c84.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
131912
last-modified
Tue, 15 Aug 2023 23:47:41 GMT
server
cloudflare
etag
W/"20348-189fb9918c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4OqluD%2F5MBDmCi1x%2F0v6IPmWzdeAcCESASVRjo8cVINQb6s54gR1Uf2Xy3lCP1XJpsPz5R7GbfyNeylv%2FxiGHeQ68jokZvtL9KpnpkB87vcVSyVoJ4RXYg3IBUuG6Zhk53wIxs3aMyVeOmZpunL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6f8e364d-FRA
x-amz-cf-id
w06MxDurqC7vFqb-zOYCSItKF-JwlqucRNs_P0-pM4YVm16x27jaSg==
x-proxy-cache
MISS
Dubai--UAE-1.jpg
cdn.posts.market/content/images/2023/08/
192 KB
193 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Dubai--UAE-1.jpg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3f64810042b6c86a795eea830d9078bb792e171408bec6f1b5874b3ede687c30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 52bf0b7935ffde0b5e26a7e27e5fe4ce.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
196817
last-modified
Tue, 15 Aug 2023 22:27:46 GMT
server
cloudflare
etag
W/"300d1-189fb4fec2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BFogN63MwB%2BlXJnJMo5WxuYYvI6bZgVaGWner2p20865stMl8kP9uUC8T%2BOO%2Fcp9b0xp0ijTpIncLW3m6vHa4xLidIL27QqolKR92llzbFJoMzlk62P%2Bpy7D6M%2FeKSn5WHdrxsO6sNU3QqiWZtg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d4f7d364d-FRA
x-amz-cf-id
tWVBsMSYKDL6f7XgLHOuA-6QAC_p4NkxO01CAF16sxlwjz2TDO05rQ==
x-proxy-cache
MISS
Halong-Bay--Vietnam-1.jpg
cdn.posts.market/content/images/2023/08/
171 KB
172 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Halong-Bay--Vietnam-1.jpg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
df05a2636a9922f5575c2ef8712daa7e6fcae15d9bb74828298903697b08f9f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
175427
last-modified
Wed, 16 Aug 2023 00:00:50 GMT
server
cloudflare
etag
W/"2ad43-189fba521bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcsYs144jOZK90gCdsQ%2FcwHYx2xZpHeMpp8XjjAQh%2FkiOd4R0CgD2E1Sb86%2BrjlJicrLe0HJy5mhnsqVohDKpQwPNhbl1WOLYZnEMWrNM5IdIu3TQEsvUgiNv98Kb9TzVWp3HaqmahHlUGuJGy7t"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6f8d364d-FRA
x-amz-cf-id
0nvwKmHQH-KNfNGp34ww6KxNQwYpZEcUosdL-NIpNSdC8uWXXIIb_Q==
x-proxy-cache
MISS
Tulum-Mexico-1.jpg
cdn.posts.market/content/images/2023/08/
145 KB
145 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Tulum-Mexico-1.jpg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5850647bd1bce91c55b146a43f330dd3c177828b73dcf0cdb2d4f18c99f44441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
148104
last-modified
Tue, 15 Aug 2023 22:02:12 GMT
server
cloudflare
etag
W/"24288-189fb388355"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ro8q3BSFFM2zQ8Ui%2BHj96PIwb2QDDH7UyWflhd2otjo3b7bOWPC8xrL7Revqg0%2B6l%2BCL6P5idKsQWFhUGmjOeX2DjWA29jiG4Swj7Ncib9bzgOnhs48WdLOb4L%2BS5KkcmahXEXbGeVD%2FHMwkQ4lS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6f90364d-FRA
x-amz-cf-id
mE8Z7AU00JNyfyzNjUnpqJxbtut1rODi7G-nnHNe0a1p7m1VOV3k6A==
x-proxy-cache
MISS
Swiss-Alps--Switzerland-1.jpg
cdn.posts.market/content/images/2023/08/
149 KB
150 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Swiss-Alps--Switzerland-1.jpg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
316c28acd7a183bd98a850091c18885b64638c38a53a5d83355b9bf491892ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 3f2f1c546e63f10a66abd1c978af36f6.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
152566
last-modified
Tue, 15 Aug 2023 23:50:07 GMT
server
cloudflare
etag
W/"253f6-189fb9b50dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FJ1R5FDNqljL2BBIcz2TL91171oYho076pO%2F9iWC2DYpRc8bBirl269Mol5z%2BR8%2BAwjedeRkNKayi%2BisQQaLwr5S8QtkFjx%2BXzkPWDu8bxWGyIZ5N3YamEtt7C%2BnpYuOGmQ24T5os1bD%2FYECg4K"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6f92364d-FRA
x-amz-cf-id
hclkXnzbnynHeRk4HZFsdeeEDcDDeoym_vaorrqLMc8oTkdVbwKpCA==
x-proxy-cache
MISS
Paris-France-1.jpg
cdn.posts.market/content/images/2023/08/
221 KB
222 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Paris-France-1.jpg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1ebbfbc542fa2ebfd7e9ea646dde4e52fbc9f373be977e847e57ce67d24df2f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 7cbec639ed3557aac04425ec5a5f177a.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
226798
last-modified
Tue, 15 Aug 2023 22:25:31 GMT
server
cloudflare
etag
W/"375ee-189fb4dde97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXlYz7b8HWh5gr3jfj6OL17lLf7gEUKyjlV04%2FPINV5CW%2FlUS%2FIdfnWax7EvminEAlkG%2FI%2ByyHFMbXu8clBa2hqtVTtCycv1XUOJIWRYbU23Ond0rj26ty1xg%2FDdHDs6TXS0oiSesIqxiE6lvWKL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6f94364d-FRA
x-amz-cf-id
-TmkCLkmOhagwQdK9_lKwxmyOadRThdAqf2lg4jvILahnnNKZZKhQA==
x-proxy-cache
MISS
Top-5-Cruise---Water-Destinations--The-Ultimate-Waterborne-Escapes.jpg
cdn.posts.market/content/images/2023/08/
145 KB
146 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Top-5-Cruise---Water-Destinations--The-Ultimate-Waterborne-Escapes.jpg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8f6ab9c093ecaf741874aed939025a9c71ad0f10acd4d8e060232d8fb0e20ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
148751
last-modified
Wed, 16 Aug 2023 00:00:33 GMT
server
cloudflare
etag
W/"2450f-189fba4de79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSwzOM2nYjixF6zxbpm2sHYIBhICEqP8B0brW8pT3THREa8%2B3sc%2BIC8DjrDmOuSG%2BYXaMryG%2FjPxs8jRwr6eQAzOPdXwoLDJLgPHVSXewiQZedO6nj9l0IAHlnOwoKF9JI39d8P1vPd4zM0SEoRf"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d4f79364d-FRA
x-amz-cf-id
Ckl0oSazNDOej7Ii7Zmk4736ba_1g0NCjla6qG_TZn5iZGA_GnjP_A==
x-proxy-cache
MISS
Top-5-Countryside---Villages.jpg
cdn.posts.market/content/images/2023/08/
164 KB
164 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Top-5-Countryside---Villages.jpg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b6036c20cac3a3fa83d32247581f9c02b52bad39ce02a673761c46777f3d9554

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 3f2f1c546e63f10a66abd1c978af36f6.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
167544
last-modified
Tue, 15 Aug 2023 23:28:22 GMT
server
cloudflare
etag
W/"28e78-189fb87683a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qB1OCSspJfXY2c%2Bbn25K6Pi6dXzEj3EVJpqlNJgFvAeqgcyA8jn7TPCfa8hLF0S7jG4%2FmDsAV6ir5%2F9oPb8%2F%2FkDxHNxLqf7qweKd1Pp1vQDmdNgRgRQYFEYFYj2vXur3AXOapVH%2Bmk%2FpftK3GQk%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d4f7c364d-FRA
x-amz-cf-id
iJD6e0i7J5FNyWcX15eKvBaZVHeCA6qWFM5t37HmyVvqr5aQ2KgV2A==
x-proxy-cache
MISS
Top-5-Beach-Getaways--Dive-into-Paradise-v2.jpg
cdn.posts.market/content/images/2023/08/
167 KB
168 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Top-5-Beach-Getaways--Dive-into-Paradise-v2.jpg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a37f0e5b8d70415f6d7a8e29b64f70c2c528b3c61b6b53395da257b834c61d8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 0ce4e0ab92519d33ff3c6cca42806b7e.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
171020
last-modified
Tue, 15 Aug 2023 21:29:39 GMT
server
cloudflare
etag
W/"29c0c-189fb1ab60e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncS2Pz3iwR0zUL7iFVrYPVLiWvcGG8nWWaRG7UOOiEmsjAry6ScHCP7fA5Gu3JO3ooSVOuzqyIGlcRd2HLOPM1yoB4xG4SydDjKODmFj5Qyl4Mrq76FGYcsa5ucX2sqJjOHX9gtvwLn7amuZPK06"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d4f77364d-FRA
x-amz-cf-id
cCuWR_MYKWKP3FsJOwGwPUhl2ASoNXGgYv-1hPijpVe9JimK-D0k0A==
x-proxy-cache
MISS
Top-5-City-Breaks.jpg
cdn.posts.market/content/images/2023/08/
193 KB
193 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Top-5-City-Breaks.jpg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
068e563a3e23f7e5d68ea38d212bafbba0ffa23c616f3c8e9d4e3057b7bdebb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
197319
last-modified
Tue, 15 Aug 2023 22:23:36 GMT
server
cloudflare
etag
W/"302c7-189fb4c1e27"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mB%2FHML1Kg4YFsQkciRzb1dxh6CqDetXBfor%2FtQSU67TbPn6%2FjOyslI29CxwIIvzMrKJe4cqu3lezbdIz8zb5bNcnBrxO9LiLM7pxkiC%2FkTAQ56Zm4rqDblvRwSIcU5FluMnRJ4oKMMrHpes%2F3CQr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d4f7a364d-FRA
x-amz-cf-id
axhEMzdGviJLJiioU59nfd_49_lsyuYRbw2p2IT7PkQmgd_Q71jtBQ==
x-proxy-cache
MISS
Top-5-Mountain-Retreats.jpg
cdn.posts.market/content/images/2023/08/
179 KB
180 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Top-5-Mountain-Retreats.jpg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
afa02ef08663ef376aa8e2cb4035cfc818d601d0daef6f58d66f532f5ea4c8e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
183420
last-modified
Tue, 15 Aug 2023 23:49:40 GMT
server
cloudflare
etag
W/"2cc7c-189fb9ae91c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IY8jrlTdz%2BmzGsro8rddmzQzlSwF9wwVaKxsY7WrDac7aBGrxDAe5DCNzufglazncc%2B78Bp%2BYq%2FjgpZvXYF1yU9fPDDOj%2FVefwqFWANJ%2FxyekwKHT0U%2Bfkwhdh8ZhlHdfMvlvylvp6uIOauOkDBk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6f96364d-FRA
x-amz-cf-id
FvL58ALk5wjot5IxF4757WkZ7Lo7kj91aU7rfl4fW1rz6OyxlAFw9A==
x-proxy-cache
MISS
roboto-v29-latin-regular.woff2
go.reference.com/fonts/
15 KB
16 KB
Font
General
Full URL
https://go.reference.com/fonts/roboto-v29-latin-regular.woff2
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Request headers

Referer
https://go.reference.com/
Origin
https://go.reference.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:30:27 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 14 Apr 2022 00:02:34 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
5221
etag
W/"3d48-1802560fc83"
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
15688
x-amz-cf-id
z6rwuw-jvxpIFeSKxejTdlWmagEn5isxkpy7SBi1FHa8cMp01kijSQ==
x-proxy-cache
HIT
roboto-v29-latin-700.woff2
go.reference.com/fonts/
15 KB
16 KB
Font
General
Full URL
https://go.reference.com/fonts/roboto-v29-latin-700.woff2
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Request headers

Referer
https://go.reference.com/
Origin
https://go.reference.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 16:24:21 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 14 Apr 2022 00:02:34 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
41587
etag
W/"3dd4-1802560fc7f"
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
15828
x-amz-cf-id
IjpG4IznVhmCBTbV74SNpsW5Nf6PxcwtzBm_MamliV84Kz13tXXd4Q==
x-proxy-cache
MISS
roboto-v29-latin-500.woff2
go.reference.com/fonts/
16 KB
16 KB
Font
General
Full URL
https://go.reference.com/fonts/roboto-v29-latin-500.woff2
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Request headers

Referer
https://go.reference.com/
Origin
https://go.reference.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 04:18:58 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 14 Apr 2022 00:02:34 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
85110
etag
W/"3e30-1802560fc7f"
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
15920
x-amz-cf-id
slmok4p-gvmEOEfaAEhrL6dN8vOEEvGpus-V9bmoxs3FhAyQGUNjww==
x-proxy-cache
MISS
roboto-v29-latin-900.woff2
go.reference.com/fonts/
15 KB
16 KB
Font
General
Full URL
https://go.reference.com/fonts/roboto-v29-latin-900.woff2
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:11:62b2:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Request headers

Referer
https://go.reference.com/
Origin
https://go.reference.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 04:18:58 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Thu, 14 Apr 2022 00:02:34 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA53-C1
age
85110
etag
W/"3d6c-1802560fc7f"
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
15724
x-amz-cf-id
vLZzTEf3YNc5Bwh_Vz2N90ElKTAw_60JQ4ENzp-WoUuz5CXqSzMSjA==
x-proxy-cache
MISS
js
www.googletagmanager.com/gtag/
234 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10897832764&l=dataLayer
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6f58e87644de346814d774672a874319a01273b89221b1e7e5ec124bebbbaf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82842
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jan 2024 03:57:28 GMT
Norwegian-Fjords--Norway-1.jpg
cdn.posts.market/content/images/2023/08/
215 KB
216 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Norwegian-Fjords--Norway-1.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ad5865729750c521eca63fffbeb4688502584e27301bd380a4465e352d41531f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 8ac1a27a8fede22f241f081ad0edec42.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
220224
last-modified
Wed, 16 Aug 2023 00:01:00 GMT
server
cloudflare
etag
W/"35c40-189fba54a29"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBmNek11U1ww2daUJ9fDtaAQc7yWgv3gGFseVW7IS%2B8nlIaURv8C6mIKo3cW%2Fl348rSZJOz2exD2QbA9i12iRs%2BPQOECiB7nmxq%2FU96Wi3swBFvkoiIfscBQKpTV7cUVeuyr1F8RCB13m3sczJjo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6f97364d-FRA
x-amz-cf-id
6f1QqKVfCG-m-YEVVkUwiG-mr32lDi0yOmPp8TkbVjhZoGlK5st7Mg==
x-proxy-cache
MISS
Bali-Indonesia-1.jpg
cdn.posts.market/content/images/2023/08/
179 KB
180 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Bali-Indonesia-1.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d943e1f814571171633d63d210d7e87074ee0d6f94a146a528eb43df38bcce10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 054609fe51831eb8825d39133f1a4c84.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
183217
last-modified
Tue, 15 Aug 2023 22:01:47 GMT
server
cloudflare
etag
W/"2cbb1-189fb382209"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V48ixnwjo9bLrkRwYarxPbwOARroQiKq1UbjfuNZNKF%2FceVRbHFhN%2FWGdJ6%2FBNBD2azTus4WoCklehGikrnjSAhBInpEG9LgU9AcohqtlUbR2uu7QQFoSI%2FzjJ3OpmI%2FKTMDGIe4XpXGmil6B4QL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6f98364d-FRA
x-amz-cf-id
HTsHsTYSZR6nvSdXX0LrjzNyv0B8LmolJKFKSyLYjOqFqqXrdjQZ8g==
x-proxy-cache
MISS
Aspen-Colorado-1.jpg
cdn.posts.market/content/images/2023/08/
212 KB
213 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Aspen-Colorado-1.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6078f478b76efc2515f201fcae446ab53c55a6e0ea438824f82b4d22c1ae5f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 8c92bd4fd6a606ee9b09d4fd234f7ca8.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
217468
last-modified
Tue, 15 Aug 2023 23:50:55 GMT
server
cloudflare
etag
W/"3517c-189fb9c0bf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDJraEoeuROB2yM%2BHtz0d35Z%2BOEBMde4ZKkjzHz3z9dN3sAD7Z9mg32FMgXGlebI9M6P4hdPa5vqfQR%2FC5EPHNGHAe%2BGacWEaFdk4RzPrej2k58O7wfdEXz6S0bfFQOGVIls0nIAC5adohPZS7NR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6f9a364d-FRA
x-amz-cf-id
PtIvDE1r1g5q0z3VXv5rxIlQKAkzjvMT1eaC3d80ld_9T0fNAT_pZg==
x-proxy-cache
MISS
Provence-France-1.jpg
cdn.posts.market/content/images/2023/08/
184 KB
184 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Provence-France-1.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9a32ba4aeee3a0a938b96770c6eeb2c47fb91f779a9b45b127adaab290ec3f1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 1cd1c24523b61d46b093d317bb196d92.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
187911
last-modified
Tue, 15 Aug 2023 23:50:17 GMT
server
cloudflare
etag
W/"2de07-189fb9b771c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AKaU6S50XthrYGmk4m4w7Nq8NyKCasXB9gtItn4JL3WoNtKrNh4gisX6cw7nHKPLkJKMP0ASu2yNu1oofBILLPquOH%2FqArMgBtKX9%2BUztikUxibSy0tBtj%2B4Jg2CCkcmLKHlH7qqbmmeKKjDnRO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6f9b364d-FRA
x-amz-cf-id
z_BgBTjxA7u2wfhjQE1aPc4CXOi2qmJonMvCnpv4AoPJKKC5bddgPw==
x-proxy-cache
MISS
Rome-Italy-1.jpg
cdn.posts.market/content/images/2023/08/
201 KB
202 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Rome-Italy-1.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a91532e0dc6d9d732e35d521294df677ed37586afb1d6b986c698957c228e0da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
206089
last-modified
Tue, 15 Aug 2023 22:27:23 GMT
server
cloudflare
etag
W/"32509-189fb4f9422"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjKTaq82OWdywr7fru1LzV6zF9C7wU5lrJDJk%2B%2FibEEujmu9R9P3tA4iD0yKsr3aKa8nITzud3tlBIeHXS%2B5DG93Si7yboM%2FUhQ2WCICdkc%2FN2JJ4t23huSQ8%2FamFRPOxnU%2FUSXQQBPQ4BzdKKA8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6f9c364d-FRA
x-amz-cf-id
B_txGCqDQQvafZRUy5IWMhW_8uNVi0XPCEJw0YTWf4z5B2psB0BMVQ==
x-proxy-cache
MISS
Caribbean-Islands-1.jpg
cdn.posts.market/content/images/2023/08/
185 KB
186 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Caribbean-Islands-1.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e71c3f082f3def747def0df816b07b0406c8621637cedff4d36b824d09f29616

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 af33674114d993e3d216d91a5599afba.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
189431
last-modified
Wed, 16 Aug 2023 00:01:37 GMT
server
cloudflare
etag
W/"2e3f7-189fba5da81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rD3eoWrYrm4fcRP4BDa8LU4K2EdCTvuEfbVESLSsG59WOeohRDJ7ufZjrOwfZfqv%2BKMO85zJwvwlwff6KIGKzHsgwn4MXPWtUJBtf95stOiZAl2TUSkIqbu163M%2BnmBCpanDwne5sv3bR%2BVio48O"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6f9d364d-FRA
x-amz-cf-id
5FsGt90ikF96hMbjo88lln5cGzUbmQsOxX-CnH-sZn3f3XUKABB7KQ==
x-proxy-cache
MISS
Queenstown--New-Zealand-1.jpg
cdn.posts.market/content/images/2023/08/
144 KB
144 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Queenstown--New-Zealand-1.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
71b95f59f4816029797d4eb3f751edc41cdfb4e1ea266bbb07e80abfbdbe7c8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 e07bd6386c24c4e98bde2dc8881304ee.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
147198
last-modified
Tue, 15 Aug 2023 23:50:43 GMT
server
cloudflare
etag
W/"23efe-189fb9bde50"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrrGGu40Ql%2Fx370EaDQO0QZOfBqclYc0RENZGOaGmMZKPOWxu12MQ51tYK%2F9fjBSqUV2lcL2MILXPfjTRaDjJGtffpu%2BMv6%2BvsAkl2rEADOPSSbnkvjKCw%2BzBbCf6Bsy1oaTpHHSof2Bb9nu994r"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6f9e364d-FRA
x-amz-cf-id
6oEu1ehqVwVnTA4pQBdrpdEWOSC1Git8yW0eXuFKpwz6o66ZekBz1A==
x-proxy-cache
MISS
Kyoto-Japan-1.jpg
cdn.posts.market/content/images/2023/08/
164 KB
165 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Kyoto-Japan-1.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
eef530200aac4c70cfc31d3b960fc588fd3121ca9a2caa4a3a9d70007dc913ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 400be015a105355a3fb16d2aa2a6d926.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
168031
last-modified
Wed, 16 Aug 2023 00:00:09 GMT
server
cloudflare
etag
W/"2905f-189fba48159"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlTrqh5Tb7VtxExPbDSmtYoV%2BUlOOE4hzLbBfTgK%2B1dgEsz02Y4u7SnxICdHOFNWbUfTJ5vUU%2B%2Fv%2BvMFGEEk1FTgeLIf6Htj6%2BiltxQCzwQDlJDYbKNX0UB%2Fw%2FsUI8782mSKMZH4K4Vhn6T3Jr6w"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6f9f364d-FRA
x-amz-cf-id
VTX8Ryi7FxSccYT-_qodfK4BDnha-oucQjq3Jgh1FYZT4N7hw2lP7g==
x-proxy-cache
EXPIRED
New-York-City-USA-4.jpg
cdn.posts.market/content/images/2023/08/
138 KB
139 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/New-York-City-USA-4.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
498e37b1ccd45b158e7bd11277497e6575a1763c025a8cc98ace473a558d3fe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
141071
last-modified
Tue, 15 Aug 2023 22:38:27 GMT
server
cloudflare
etag
W/"2270f-189fb59b36b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9uv1ufbn5U9rODeSZDP%2BtqWbxQoxzm1qSmTxCKQPFC%2BudX4bG4Oddfab%2F%2B4xG9zI3OmokNMwF1OtGZ59eI6muCHp8HnL9kxm1BecGon24JtIVSZtTc6j40zBd6ClQnO6r0Vt5b0GzzItZZ7kPXT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6fa0364d-FRA
x-amz-cf-id
1qTBWPQHkY_BZyY54eqimGcpQIRBuJWj8FIWTNpB8_FZMCaeJncrYA==
x-proxy-cache
EXPIRED
bora-bora-1.jpg
cdn.posts.market/content/images/2023/08/
185 KB
185 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/bora-bora-1.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e5e76b9d614485a093f0a1104e76f5b9a2b14e01e0aaf7dff1e9cb6f7cd8b9f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 316c3f6f9514dc45c45cd1b2385757cc.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
188937
last-modified
Tue, 15 Aug 2023 22:01:00 GMT
server
cloudflare
etag
W/"2e209-189fb37698a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uD09aF8ubixAN9loKGus1w4%2BuSREML6opRLrr1VCz9kFG%2Fiz3e1BtruDJ%2BAgOb%2Bjnq9Q0DZu%2B%2BgW4x0Sv%2BzytiB3rO9kOLOCXUwbWemEdXVROsCEvW5bdm7FeIRues4Q9UBBj4sg%2BIFipeGiRoOR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6fa1364d-FRA
x-amz-cf-id
FNt1l6oQ29TCCB6j6NPC898Rj-8M6VUHJJK8zZ0fm-_HpVHqF2qfaw==
x-proxy-cache
MISS
Santorini--Greece-1.jpg
cdn.posts.market/content/images/2023/08/
148 KB
149 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Santorini--Greece-1.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c8f50f724ad30e191903ad83c190b2c20d44fbc0668eb5708ad7630ef91e5ae7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
151948
last-modified
Tue, 15 Aug 2023 23:51:30 GMT
server
cloudflare
etag
W/"2518c-189fb9c9690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXCqtCtadwDe2WPsb0U1Hy9H%2FZxTkwcS8wXf09LjMM8wXEEgG50zowuA%2F6toJm%2FS3sIaBMyfsCPeUyw5BovwJ7o6mWNB1BAyS8kL3zWr4Y8VRUZ7F7Ic3tS3Go8EOxH9PDzWJGVUyKAACoho57vz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6fa2364d-FRA
x-amz-cf-id
RjlrfrRCfRA50bcpD4Q4CKBO-iHxtb2Jtm3p6c1Ef4FNnRhUCU81Wg==
x-proxy-cache
EXPIRED
Gala-pagos-Islands--Ecuador-1.jpg
cdn.posts.market/content/images/2023/08/
158 KB
159 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Gala-pagos-Islands--Ecuador-1.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5f1b3971c31ad70362fc258c3c7a193ada0e10f4d6f6905812eeb5deb0e5a16c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 ff78b299270b99e41cda1a1252610524.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
161729
last-modified
Wed, 16 Aug 2023 00:01:51 GMT
server
cloudflare
etag
W/"277c1-189fba60e7d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1TolanMHHIyLuYlCQz3oZFtXJrM7QicWcXP6hhXyrCO%2BSTPsL7emTCRo1d7m%2BshvXdsuGkShNu1UVnR2nB7XvM%2BM8U%2FnHjcshXpLJZPZoWgxjTsTOemAm06kGFCBHpcis6mrZT0OZTkKS3MctOW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6fa3364d-FRA
x-amz-cf-id
PjSm4ErfSWvrZ2fJCSNmSB9Ey2E_cCtVC1-Y_QjLD1taRRc1weinVw==
x-proxy-cache
EXPIRED
Shimla-India-1.jpg
cdn.posts.market/content/images/2023/08/
190 KB
190 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Shimla-India-1.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e61e11651e11b4cbdb352652fa721b8c391a67e2b749cea43e5b2deb6390e004

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 2efef6dd9770b3981ddd7a213ccc0dda.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
194286
last-modified
Tue, 15 Aug 2023 23:50:17 GMT
server
cloudflare
etag
W/"2f6ee-189fb9b77c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mf%2Bk1okfhzBXuKTB3TtMshplSk56gieNYviH3q6smsjSxuQeJoG%2FXK78k3vHAWA6NUlROZRzmlOkP%2FEUnt2P5wCzPxh7X1%2BND35HyBlZHOY2mp%2B9UDYg%2BCKBISok83MwklKg4zUUzYdEW4RkjSs"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6fa4364d-FRA
x-amz-cf-id
f5CI1OalSMWuNekglxNk61GU7RaLOzsgMfpV2KAK7Mpn2MzFGoJyfw==
x-proxy-cache
EXPIRED
Seychelles-1.jpg
cdn.posts.market/content/images/2023/08/
168 KB
169 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Seychelles-1.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
04799964068159c51a303b8039a7d16535d1d932d2aa248e43ecf64e478e3b75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
171916
last-modified
Tue, 15 Aug 2023 22:01:23 GMT
server
cloudflare
etag
W/"29f8c-189fb37c719"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scTEO5nhuuAbfPfeyJZ7CeqgcdS97%2FyDzBFBzI0rVHT%2FZede%2B4CRZYmRioxjtcK7%2Fnx%2FzLgnlorjyymMWpQn%2BrQhpXQZCUUfVacrPFl2oE6oOHpDo%2FcZwYYnFsRPvV%2BhUDdcu2qq62EdScHmsajl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6fa5364d-FRA
x-amz-cf-id
amuhFuP1e55bRzSZfN9te5K2z3uqIVeRFfvJEkXEpa0WANECUOp8FA==
x-proxy-cache
EXPIRED
Tokyo-Japan-1.jpg
cdn.posts.market/content/images/2023/08/
196 KB
196 KB
Image
General
Full URL
https://cdn.posts.market/content/images/2023/08/Tokyo-Japan-1.jpg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:89a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c1543b005cd7b58eb5854e15ceb7a9a206982211d373d89710ef2361090d69c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
via
1.1 7cf1868252578a35a0e0b87d3129c07c.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
200442
last-modified
Tue, 15 Aug 2023 22:26:17 GMT
server
cloudflare
etag
W/"30efa-189fb4e924a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgj31wC9ikZ4x%2FBJtcEsDR%2BraN8lxC0pr7rlWuuOO3ygpnEZZqLMc1lBCSxd%2BmjHjH9r0n%2BcI5p%2FhEkaOQ%2B1x9%2B1TGMSsW4BEgIExkwR8w7cJZsJj8HoROCKmJYLmECCDl4uTH%2BBtAxvSEeKOBjf"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8411097d6fa6364d-FRA
x-amz-cf-id
VPV-xR4xh7ka5bjFjyHFTJCzWN1n4mNkL8ojyP8ZGFbBOmFdJ3cS-g==
x-proxy-cache
MISS
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
72 B
319 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd5068ee3f41ad2ed4f003c13c4e939021c77f7a69ac82d25211c72868b520e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8411097d39af58f0-TXL
access-control-allow-headers
Content-Type
latest.js
static.kueezrtb.com/js/
203 KB
88 KB
Script
General
Full URL
https://static.kueezrtb.com/js/latest.js?_=1704513448474
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
699790c0a5b5bc41d17087346bf2abf8f8e6ca31bad50157f20177ef2349ea50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 31 Dec 2023 09:02:34 GMT
server
cloudflare
x-amz-request-id
VSGSF1C3D8V9TX48
age
500067
etag
W/"17757c24efb27c98e69ccf4b396bf8a4"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
cf-ray
8411097d0bb971c4-FRA
x-amz-id-2
u+5LnYbKez1+xla7GTuj5GIVMOkZ5HcOOf7hhFmS+afefN580/xsWCM2mDpywlKekOMr/kbS4E4=
cmp.js
static.vidazoo.com/basev/cmp/1.0.1/
3 KB
2 KB
Script
General
Full URL
https://static.vidazoo.com/basev/cmp/1.0.1/cmp.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:751 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b70b5ab26a51f7829a43fa74bbb2abc2fab541d5842d7c481274f9aaa239a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
THJ8PTYHWNR62A0S
age
12486
x-amz-server-side-encryption
AES256
content-length
1392
x-amz-id-2
/bCLEw/0kRRPQPdG4ohjpi77LgtNI7GMeVKACN7safN2h0QZjIhXIq5liCAeT70yL1BkmtvzJ1E=
last-modified
Tue, 26 Sep 2023 11:15:59 GMT
server
cloudflare
etag
"ae30727db9cee5c3bcee5965142f5f72"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8411097d6fab44f8-TXL
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Sun, 07 Jan 2024 03:57:28 GMT
tcf.js
static.vidazoo.com/basev/tcf/1.0.2/
16 KB
5 KB
Script
General
Full URL
https://static.vidazoo.com/basev/tcf/1.0.2/tcf.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:751 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e602d10aeab60c205781599d1dd4e46d615c1938e62f66d5752fb08ad800fa2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
J39S2J9FCS6PXSST
age
23292
x-amz-server-side-encryption
AES256
content-length
5069
x-amz-id-2
8n0mwA63Y/gIUVHOarKyLPWpf/gWqAb7mso5+qH+BA/G3nReHqi48VzYxzVsw1U/exCs+LC1C90=
last-modified
Thu, 27 Jul 2023 14:01:24 GMT
server
cloudflare
etag
"ccd7d1f71f0b08742cb487f337f006fb"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8411097d6fae44f8-TXL
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Sun, 07 Jan 2024 03:57:28 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202312.1.0/
428 KB
104 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f3e1b209eebcd0ae7a1d19aa7d7bc6a7753995a2e412a5933c97dbe040112f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
NgWSX+Cq7lSczucQPtQGiA==
age
25749
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
106373
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:20:00 GMT
server
cloudflare
etag
0x8DC026A976079CA
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e1115c28-f01e-0076-2f0a-35b3cb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8411097d7cda58ea-TXL
gpt.js
securepubads.g.doubleclick.net/tag/js/
90 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b304eb26c9478210a6d3f33319ff9eae2fb08c26cd663645cdb5bd074c9ad0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28999
x-xss-protection
0
server
cafe
etag
153 / 19728 / m202401020101 / config-hash: 2026918608723226553
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 03:57:28 GMT
yield-manager-script-v2.2.16-prod
k8svkbknrqzgecxff.ay.delivery/manager-script/
103 KB
29 KB
Script
General
Full URL
https://k8svkbknrqzgecxff.ay.delivery/manager-script/yield-manager-script-v2.2.16-prod
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f59dbed256a49b03bcc01c5f11c989bb62af94e19c52c42986fd957e77a19b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4e%2FwfmPKY%2BZQa6k6qhuXeRo7UQKD1Ush%2F5kwrnXMfKaKJmwLUt%2FyvvRrAUJi5JDKE8X2l7Bw6lh3PSglgSx%2BujoxSU7L00QoKPvAE2%2B7rGs5hGPZadhx%2FdV%2FALrWSnaJPYLzaALSn9BWqlz9ViJd2MlIOEBze26gY6kMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
8411097dade36630-AMS
alt-svc
h3=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/
282 KB
70 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:48:10 GMT
content-encoding
gzip
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-P2
age
559
x-amz-server-side-encryption
AES256
etag
W/"d6937d02acbbf691a008906e9d0617e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
bHXKqG3LBF1gZ-JP0THGfXALN15CHA9aUwT7_fXc79NnCzGMkVRQYA==
K8SvkBkNRQzGECxFf.deploy
k8svkbknrqzgecxff.ay.delivery/manager-script/
543 KB
164 KB
Script
General
Full URL
https://k8svkbknrqzgecxff.ay.delivery/manager-script/K8SvkBkNRQzGECxFf.deploy?v=3x4B7QenwA7pjmAKN
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e91e78cabfb35eb5885e025b7a6aacd8645c00f56b0d5130f47285f6657d956

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQMcgjdJz8UE7wkmkMeFSey6S3q1r%2F7Zayp8vNd1FNorvByhavhwVzB8lDu8OFgCmfc4X0kjwucf%2BV%2BlCw7ab%2Bch7v%2FZkauVvHbQl3vHXl3dIWe9sdQb%2BlRB9%2BdH9ju%2BiVSCUTAht2xHCP%2FtYPNqJUyCtywCjO2R9tR%2Brw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8411097dbde46630-AMS
alt-svc
h3=":443"; ma=86400
en.json
cdn.cookielaw.org/consent/8e7e0ed9-a705-4981-a740-569e3f7871ee/105345f2-4f4d-4260-8f83-6c69fad991fe/
205 KB
38 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/8e7e0ed9-a705-4981-a740-569e3f7871ee/105345f2-4f4d-4260-8f83-6c69fad991fe/en.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e920ff79831bdf413b9eab21667e91138b76b94abee40c5f7b727db1039c35d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
ipuN0hfSuI6dnfniCBYcyA==
content-length
38583
x-ms-lease-status
unlocked
last-modified
Mon, 18 Dec 2023 15:36:47 GMT
server
cloudflare
etag
0x8DBFFDF25BB8088
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
82aa1ee8-201e-005a-28c8-315f64000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8411097dcb1aaca7-TXL
expires
Sun, 07 Jan 2024 03:57:28 GMT
iab2V2Data.json
cdn.cookielaw.org/vendorlist/
539 KB
70 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2V2Data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fa4e913edbaf5211addeaf9c4041a46d19e55fd82c5645fdefcca9d435bb165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
qx8Lih06S2Vl2COMwXwQ4Q==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
71118
x-ms-lease-status
unlocked
last-modified
Fri, 05 Jan 2024 22:10:16 GMT
server
cloudflare
etag
0x8DC0E3B192EF540
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
24ad4645-101e-0033-1824-406628000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8411097dcb1baca7-TXL
otTCF.js
cdn.cookielaw.org/scripttemplates/202312.1.0/
39 KB
12 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/otTCF.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b225b553da329022367ef9806c9820cbb60051aede8489749a879cfc3bed0677
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
C3F8A3O9ElycWWq6DgqI8g==
age
65673
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11706
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:19:59 GMT
server
cloudflare
etag
0x8DC026A96445F0E
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
517f6e46-c01e-0052-5ce2-34456b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8411097dcd1658ea-TXL
otFlat.json
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otFlat.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
tWkS8T7E+veM7Z58xlBheA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:19:51 GMT
server
cloudflare
etag
0x8DC026A91891375
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
51f90184-201e-0091-0b1d-355c31000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8411097e9ba8aca7-TXL
otPcTab.json
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/v2/
63 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/v2/otPcTab.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bc6a125d698416498cdf5ef60cd959aef01db95a6e3e0d74a95f9b6d3d78feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
U/2YW0bn1JJ0J1d+c+zmlA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13588
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:19:54 GMT
server
cloudflare
etag
0x8DC026A934944DA
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
025b61db-101e-0033-2f1d-356628000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8411097e9bacaca7-TXL
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCookieSettingsButton.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OXwDGDZVZXYfwwNXrZqz+w==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1766
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:19:53 GMT
server
cloudflare
etag
0x8DC026A92D119A2
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
c95cb86f-b01e-0058-3c1a-35e1dc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8411097e9baeaca7-TXL
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCommonStyles.css
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 03:57:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:20:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
33cc185a-401e-004c-1e1a-35a9b3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8411097e9bafaca7-TXL
js
www.googletagmanager.com/gtag/
209 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10937700827&l=dataLayer&cx=c
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a59e1675324187a3eb73f6d516691edfb6ce1376b16874f503ae7bd2e3c987bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76317
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jan 2024 03:57:28 GMT
js
www.googletagmanager.com/gtag/
183 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10973155&l=dataLayer&cx=c
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3887ae45adc08c4d7759f1d4987863aa5d130211e41cefd9867daaf700d7779c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68202
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jan 2024 03:57:28 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10897832764/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10897832764/?random=1704513448785&cv=11&fst=1704513448785&bg=ffffff&guid=ON&async=1&gtm=45be4130v9172134950&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.reference.com%2F&tiba=Reference&hn=www.googleadservices.com&frm=0&auid=212718818.1704513449&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2F&rfmt=3&fmt=4
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea0cfc8084d02fcd41f145acc1545f360abfdf63d4526621bf1fe3f326e8b7b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1253
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10897832764
google.com/ccm/form-data/
0
254 B
Ping
General
Full URL
https://google.com/ccm/form-data/10897832764?gtm=45be4130v9172134950&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&hn=www.googleadservices.com&auid=212718818.1704513449&ec_mode=a&uamb=0&uaw=0&em=tv.1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10897832764&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.reference.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
date
Sat, 06 Jan 2024 03:57:28 GMT
x-amz-cf-pop
MUC50-P2
age
1213
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
3rJmrLNZwFdQJSULcnQAZi-8AwLIimA27rAvg8Lhx6AIlaQ8A-mZrQ==
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
532 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 03:57:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 21:06:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
c75745eb-401e-0073-1ea8-3f6110000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8411097f2c05aca7-TXL
ot_company_logo.png
cdn.cookielaw.org/logos/static/
4 KB
4 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 03:57:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
79746
content-length
4036
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 03:32:43 GMT
server
cloudflare
etag
0x8DC0CD5CFC75AFB
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
29490746-c01e-007d-10e5-3e48a0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8411097f3df858ea-TXL
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 03:57:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
7601
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 21:06:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
041b5ab3-001e-004d-668b-3ff66f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8411097f3df958ea-TXL
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10937700827/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10937700827/?random=1704513448969&cv=11&fst=1704513448969&bg=ffffff&guid=ON&async=1&gtm=45be4130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.reference.com%2F&tiba=Reference&hn=www.googleadservices.com&frm=0&auid=212718818.1704513449&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2F&rfmt=3&fmt=4
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
207bcd5e7d01496b206e531c78556a6a01467f5731dfa74b96f16ceff0ab1e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1243
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activity;src=10973155;auiddc=212718818.1704513449;gtm=45fe4130;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgo.reference....
ad.doubleclick.net/
42 B
542 B
Image
General
Full URL
https://ad.doubleclick.net/activity;src=10973155;auiddc=212718818.1704513449;gtm=45fe4130;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgo.reference.com%2F?
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/
436 KB
137 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 23:19:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
16661
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140253
x-xss-protection
0
server
cafe
etag
11435206252018266965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 04 Jan 2025 23:19:48 GMT
fpd
u.kueezrtb.com/
380 B
516 B
XHR
General
Full URL
https://u.kueezrtb.com/fpd?_=1704513449039&yv=d770de&h=go.reference.com
Requested by
Host: static.kueezrtb.com
URL: https://static.kueezrtb.com/js/latest.js?_=1704513448474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef5a25e81dbc31c9893bf6c04b10dd399f2a482d44cf19820f27f742cc07b634

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://go.reference.com
access-control-allow-credentials
true
cf-ray
84110980bd7971c4-FRA
content-length
307
dye
track.kueezrtb.com/
0
31 B
Image
General
Full URL
https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=73c8c7f2b2e10516&sid=76cedfef3d5c14c8&pvi=e978f411a920f6cb&h=go.reference.com&wh=1600x1200&b=Chrome&bv=120.0.6099.129&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fgo.reference.com%2F&sr=1600x1200&type=latest:init&_=1704513449038
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84110980bd7b71c4-FRA
dye
gtrack.kueezrtb.com/
0
31 B
Image
General
Full URL
https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=73c8c7f2b2e10516&sid=76cedfef3d5c14c8&pvi=e978f411a920f6cb&h=go.reference.com&wh=1600x1200&b=Chrome&bv=120.0.6099.129&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fgo.reference.com%2F&sr=1600x1200&type=latest:init&_=1704513449038
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84110980ad7371c4-FRA
dye
track.kueezrtb.com/
0
62 B
Image
General
Full URL
https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=73c8c7f2b2e10516&sid=76cedfef3d5c14c8&pvi=e978f411a920f6cb&h=go.reference.com&wh=1600x1200&b=Chrome&bv=120.0.6099.129&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fgo.reference.com%2F&sr=1600x1200&type=latest:fpdr&_=1704513449039
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84110980bd7a71c4-FRA
dye
gtrack.kueezrtb.com/
0
31 B
Image
General
Full URL
https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=73c8c7f2b2e10516&sid=76cedfef3d5c14c8&pvi=e978f411a920f6cb&h=go.reference.com&wh=1600x1200&b=Chrome&bv=120.0.6099.129&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fgo.reference.com%2F&sr=1600x1200&type=latest:fpdr&_=1704513449039
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84110980ad7071c4-FRA
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgo.reference.com%2F&domain=go.reference.com&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://go.reference.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://go.reference.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 06 Jan 2024 03:57:28 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
254608
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
3594
config.aps.amazon-adsystem.com/configs/
532 B
807 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/3594
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.196.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-196-11.mrs52.r.cloudfront.net
Software
CloudFront /
Resource Hash
4c15944bd425b00e22d1ed12a9d95fc45985ebcdaaeb3568246d5e94a1346129

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:14:54 GMT
via
1.1 ade2c92d36b989728b03c481a1a81532.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MRS52-P6
age
2555
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
1gj6v_z_y2Z3jyRGfAzo-8aPdgYToLQH0tp97o6AHajYOsbLOacoNg==
config
c.amazon-adsystem.com/cdn/prod/
0
311 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3594&u=https%3A%2F%2Fgo.reference.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 01:11:30 GMT
via
1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P2
age
9959
x-cache
Hit from cloudfront
access-control-allow-origin
https://go.reference.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
zPOz-5-C_XhovP-ycLouzlkeD8GBlIURq0QCRtkhPJI8gmbvOeZBqw==
envelope
lexicon.33across.com/v1/
49 B
250 B
Fetch
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003Ek3OWAAZ&gdpr=0&src=pbjs&ver=8.25.0&coppa=0
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://go.reference.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
json
gum.criteo.com/sid/
2 B
375 B
Fetch
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgo.reference.com%2F&domain=go.reference.com&lsw=1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://go.reference.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
192540
expires
0
d9core
d9.flashtalking.com/
11 KB
11 KB
Script
General
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.129.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-129-108.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
99572dae382fe1b83318a0afe606155bb02e6c860403ad2ba16374e9b2fa1a28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:57:29 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Content-Type
application/javascript;charset=utf-8
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
10814
prebid
id5-sync.com/api/config/
136 B
418 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
0c945aa0bb5ba5a939754f316628f652efd88279fdba1fda70102f12984e7c9f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://go.reference.com
date
Sat, 06 Jan 2024 03:57:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/
43 B
317 B
Fetch
General
Full URL
https://id.crwdcntrl.net/id?c=17525
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.10.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-10-251.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://go.reference.com
cache-control
no-cache
x-server
10.45.5.254
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/
63 B
422 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
69cb3696a22a15bd0bd4fc79450156d6ad02d1a95ed01308fc832a27359da3e5

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://go.reference.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Mon, 05 Feb 2024 03:57:29 GMT
quant.js
secure.quantserve.com/
23 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 13 Jan 2024 03:57:29 GMT
client-v2.js
k8svkbknrqzgecxff.ay.delivery/
92 KB
28 KB
Script
General
Full URL
https://k8svkbknrqzgecxff.ay.delivery/client-v2.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:cc02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9939ad43158d512c15a08b09dfd32b195ac085a276678d5996c4d2f7264ffd78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Dec 2023 20:57:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65738352-16eb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WlHc%2BuH19oh9%2BMS97OG%2FIFuQwU0AN4hbYIvbd8RjjlxPhnRoPefdLxpWpOn4FB9qtJ8bgOncvujK%2FEdixGtSmGv%2BTgUeSnHp%2BzjfrScN27CxgbpRrT0Ch8GdAiqPDMK%2BsHPQWKU%2BmVkYLe2I7MTdNxehrHIz0ktcZqnkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cf-ray
84110980bd256931-FRA
alt-svc
h3=":443"; ma=86400
IIQUniversalID.js
k8svkbknrqzgecxff.ay.delivery/
95 KB
23 KB
Script
General
Full URL
https://k8svkbknrqzgecxff.ay.delivery/IIQUniversalID.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:cc02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51c349494e8d137a4d9dc882ae293647d5f8bf60b11e5b3014d116a95405399a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 21:38:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6079
etag
W/"65723b68-17a65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXo36Zb36%2B3h4Bby9lHolr15%2FosLbPkn%2FqGoUAFaBcm0gGhQPfPsNA7c%2BUSUyQYSSYynea4zNi6GBWaDJferEsYSPbTdwzVh96FE6CN%2BI8LkN2RUC5Yk9drSvGAOoyfG1IEFWMVOBrw%2FSm%2BwrwXd0jbUllQsmTacLswBsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
84110980bd276931-FRA
alt-svc
h3=":443"; ma=86400
localstore.js
script.4dex.io/
483 B
1 KB
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:57:29 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
765760
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XZFw7GxM5Qh4B%2BSpROAApDWAMaDKIa00jvnY5gP7kA4K1W2SQRWkblqEoczLfIZdUHv%2FVQsy3Jeq4qHdPGiUseDy3kpMvbFKXm2JlO%2BOiW5djur8aPXVJyxUfxPQLOA%2FCV%2B%2F3DUiOLDeWWT"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
841109813cb971b2-FRA
bid
aax.amazon-adsystem.com/e/dtb/
23 B
463 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3594&u=https%3A%2F%2Fgo.reference.com%2F&pid=dYRopV39qCsxj&cb=0&ws=1600x1200&v=23.1211.1645&t=2400&slots=%5B%7B%22sd%22%3A%22ay_dsk_ic_1__ayManagerEnv__1%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22300x100%22%2C%22320x100%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdpre=1&gdprc=CP39fAAP39fAAAcABBENAiEgAAAAAELAAAYgAAATugBgLzAnXBO0E7gAAAAA.YAAACFgAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
HNADGAJ8JWT0C8NZR92M
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://go.reference.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
AXFm8jv_RpuCHpDDN75YAOAcg7_c_yIF7xNRQL8criIAfAdoWUqNAQ==
/
www.google.com/pagead/1p-user-list/10897832764/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10897832764/?random=1704513448785&cv=11&fst=1704510000000&bg=ffffff&guid=ON&async=1&gtm=45be4130v9172134950&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.reference.com%2F&tiba=Reference&frm=0&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_gUR1WtUOXB8zaAuXTDecVL2wlmEd6w&random=2885740381&rmt_tld=0&ipr=y
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10897832764/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/10897832764/?random=1704513448785&cv=11&fst=1704510000000&bg=ffffff&guid=ON&async=1&gtm=45be4130v9172134950&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.reference.com%2F&tiba=Reference&frm=0&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_gUR1WtUOXB8zaAuXTDecVL2wlmEd6w&random=2885740381&rmt_tld=1&ipr=y
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10937700827/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10937700827/?random=1704513448969&cv=11&fst=1704510000000&bg=ffffff&guid=ON&async=1&gtm=45be4130&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.reference.com%2F&tiba=Reference&frm=0&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Mm8YgoX3V0PZY97tJoFEPgTAnW4nJw&random=810872184&rmt_tld=0&ipr=y
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10937700827/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/10937700827/?random=1704513448969&cv=11&fst=1704510000000&bg=ffffff&guid=ON&async=1&gtm=45be4130&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.reference.com%2F&tiba=Reference&frm=0&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Mm8YgoX3V0PZY97tJoFEPgTAnW4nJw&random=810872184&rmt_tld=1&ipr=y
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/
33 B
276 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
39ce18073f1c47b27adc3c51366df4630b593520dbc8571838b800dac99e5513
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://go.reference.com
date
Sat, 06 Jan 2024 03:57:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
hash
k8svkbknrqzgecxff.ay.delivery/
4 B
586 B
XHR
General
Full URL
https://k8svkbknrqzgecxff.ay.delivery/hash?e=K8SvkBkNRQzGECxFf&k=%7C120&v=4999
Requested by
Host: k8svkbknrqzgecxff.ay.delivery
URL: https://k8svkbknrqzgecxff.ay.delivery/client-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:cc02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0a5df5022dc9c2fc77a391c090e6025de8801366bc5d4c0a9a39df44fe0c7c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4
last-modified
Fri, 05 Jan 2024 20:20:24 GMT
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lfarOuvIzudQinkbMadgFpjHkOudwmZe1qxra5vTYRqV%2FFzooBBaBXNRAFa6jONfyq5WyrlQgQmvAmuIJWCWMjRZi8xWP3cL4glVz9jOGgLqCKJ3KJVigl9iNkPLutaxu86NtvO7qQ4EoVq%2BPoji2yDjaOy79SMi63Bgg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1800
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
84110981e8adb914-AMS
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
pageview
api.assertcom.de/
0
309 B
Ping
General
Full URL
https://api.assertcom.de/pageview
Requested by
Host: k8svkbknrqzgecxff.ay.delivery
URL: https://k8svkbknrqzgecxff.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.203.123 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.123.203.130.94.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://go.reference.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
linreg_da.min.js
k8svkbknrqzgecxff.ay.delivery/floorPrice/K8SvkBkNRQzGECxFf/js/floorPrice/
93 KB
27 KB
Script
General
Full URL
https://k8svkbknrqzgecxff.ay.delivery/floorPrice/K8SvkBkNRQzGECxFf/js/floorPrice/linreg_da.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:cc02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ca1f74cab47ad6f3e300f77e172db4ca67d6bfc13ba5574965a3b98657be9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Jan 2024 03:34:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6598ca46-175bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9TGxv5ZzXjGy%2FVv3vzSsfaxjBRNfqIQG9fJv8s8Tl15LqRQoAJ7gtGiAFAEh4QEVa3VDlLaQz9LIWkP8eeppkNgbtTKMjDh2fcp%2F0pRcN4l1xtowvRXDnpLLrmkFaBIblcugshclGc77RJ5H323UfBvqxHlqAB3ZNYkCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
841109817d686931-FRA
alt-svc
h3=":443"; ma=86400
adagio.js
script.4dex.io/
75 KB
24 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:57:29 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zZ9PA5VvAljNxBWg7kIq8tetzWCBjbMD3%2Bzgji6n%2F946ZgNZT%2BMSo8djq%2FHJ3w%2FGUC2z8FZT6S0oBI8v2rTynn0Eu8lW1lF7O49Mfubpcg8VdOQxlx2bIAwzXuLhuCzQaSUkDG4nX5hHURm"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
84110981ebb503f4-FRA
rules-p-WzjNX3PMcYj_N.js
rules.quantcount.com/
160 B
641 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-WzjNX3PMcYj_N.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42bf6e31193cd649102b8659c55eec10c7e6a89082e6be1dbd8f9903613e5646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:09:31 GMT
via
1.1 e01f54b21119ff385b2879b6a08078e0.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
age
2879
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 01 Dec 2023 06:53:33 GMT
server
AmazonS3
etag
"af4a2b117f6d2beaeb52a3b89bfc20bb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
NRy4_tlgUQs_pWgaSmzk0SC4wEs4lwrbX1UrlBDl-aa-uBLrFgy0tg==
dye
track.kueezrtb.com/
0
31 B
Image
General
Full URL
https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=73c8c7f2b2e10516&sid=76cedfef3d5c14c8&pvi=e978f411a920f6cb&h=go.reference.com&wh=1600x1200&b=Chrome&bv=120.0.6099.129&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fgo.reference.com%2F&sr=1600x1200&type=latest:fpdrd&_=1704513449190
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
841109819dee71c4-FRA
dye
gtrack.kueezrtb.com/
0
31 B
Image
General
Full URL
https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=73c8c7f2b2e10516&sid=76cedfef3d5c14c8&pvi=e978f411a920f6cb&h=go.reference.com&wh=1600x1200&b=Chrome&bv=120.0.6099.129&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fgo.reference.com%2F&sr=1600x1200&type=latest:fpdrd&_=1704513449190
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84110981ae0771c4-FRA
1468.json
id5-sync.com/g/v2/
251 B
533 B
Fetch
General
Full URL
https://id5-sync.com/g/v2/1468.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
993bf39011b47345e1e1b90fd685bd96df24e524664aabe941a6b257355dc346
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://go.reference.com
date
Sat, 06 Jan 2024 03:57:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
lgc
d9.flashtalking.com/
147 B
755 B
XHR
General
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.129.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-129-108.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
e0582c2338b50140020b60419d1f7fa86752c3f350e64f3fb2b4c16455e79193

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sat, 06 Jan 2024 03:57:29 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://go.reference.com
Content-Type
application/json;charset=ISO-8859-1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
65647dbc8eb03a833562af48
prebid.cootlogix.com/prebid/multi/
0
288 B
Fetch
General
Full URL
https://prebid.cootlogix.com/prebid/multi/65647dbc8eb03a833562af48
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.182.176.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://go.reference.com
date
Sat, 06 Jan 2024 03:57:29 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
hbjson
grid.bidswitch.net/
23 B
366 B
Fetch
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.101.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-101-248.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c11923264c67285a1ac5c4cfa39c98163a67912fd522f1e10e3cae605cdfb79f

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

Date
Sat, 06 Jan 2024 03:57:29 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://go.reference.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
bid
s.seedtag.com/c/hb/
11 B
370 B
Fetch
General
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://go.reference.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
mp.4dex.io/
60 B
397 B
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://go.reference.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84110982debe4528-TXL
expires
0
hb
ssc.33across.com/api/v1/
65 B
320 B
Fetch
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=bZnMmSbVGr7R8XrkHcnlKl
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
983d18c738df1abf4e8624c1357d0b25d95e6b855299aa05335ae36a03099cbf

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://go.reference.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
colossusssp.com/
2 B
138 B
Fetch
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.69.4 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://go.reference.com
date
Sat, 06 Jan 2024 03:57:29 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
auction
pbs.nextmillmedia.com/openrtb2/
0
348 B
Fetch
General
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.49.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-49-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
x-prebid
pbs-go/42.13.0
vary
Origin
access-control-allow-origin
https://go.reference.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
ortb
bid.contextweb.com/header/
0
780 B
Fetch
General
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
cwdl
22/4211
access-control-allow-origin
https://go.reference.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
cw-server
bid-deployment-d65b45dd6-wq49t
bid-request
a.teads.tv/hb/
16 B
381 B
Fetch
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-123-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://go.reference.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 06 Jan 2024 03:57:29 GMT
hb-mm-multi
hb.minutemedia-prebid.com/
84 B
428 B
Fetch
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.77.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-77-216.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e31abdfddbd63cee8322c1084bff3fcdfcce73b9a94f9b84390583aebd48ec79

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
server
istio-envoy
x-reason
maxmind anonymous vpn
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://go.reference.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
/
prebid.dblks.net/openrtb/
158 B
421 B
Fetch
General
Full URL
https://prebid.dblks.net/openrtb/?sid=2724507
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.212.255.178 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software
nginx/1.20.1 / Express
Resource Hash
33af08ee9716256001c6ba87010471db9636e7b9b59918976fb4d645f3316b72

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 03:57:17 GMT
x-openrtb-version
2.5
server
nginx/1.20.1
x-powered-by
Express
etag
W/"9e-mS5KzFaVFUoKyod/eFSNz/gZ+ZA"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://go.reference.com
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
content-length
158
hb
cpm.qortex.ai/
0
237 B
Fetch
General
Full URL
https://cpm.qortex.ai/hb?zone=194382&v=1.6
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://go.reference.com
Date
Sat, 06 Jan 2024 03:57:29 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Content-Length
0
prebid
prebid.media.net/rtb/
338 B
649 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUFXJ2G5
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
e6e04673ba160219b2fc438b598aa22b2c26a6927c050f2c10607117eb48c75e

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://go.reference.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jan 2024 03:57:29 GMT
imp
g2.gumgum.com/hbid/
360 B
622 B
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704513449371&to=-60&id5Id=0&id5IdLinkType=null&aun=ay_dsk_ic_1__ayManagerEnv__1&ftrackId=a7ed8a0e71f34851bfa08b792a8a9ad8&id5id=0&pubcid=9765fe8e-c8b0-4bb2-892a-fbc3f70287d4&gpid=%2F322166814%2Fgo.reference_prebid%2Fgo_ay_dsk_ic_1&t=ykzuniyc&pi=3&maxw=320&maxh=100&si=1035375&bf=300x250%2C320x50%2C300x100%2C320x100&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgo.reference.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.25.0%22%7D&ogu=https%3A%2F%2Fgo.reference.com&ns=10240
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.183.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-183-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bc0bcf756a0d7da15caba887bd623147aee48046f9b6eb1ea8ad91db219111f8

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://go.reference.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
translator
hbopenbid.pubmatic.com/
0
113 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://go.reference.com
date
Sat, 06 Jan 2024 03:57:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb-multi
hb.yellowblue.io/
84 B
608 B
Fetch
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-113.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
fb95f7376315870449b9e503eb843a7195852427ee0886c790e7223a709b07dc

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
via
1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA60-P6
x-reason
maxmind anonymous vpn
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://go.reference.com
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
x-amz-cf-id
sQvtiNZxRT0xAfWShp7sVCTq2AvM5pD1rJPbQEUATQRcoYzz2zSpqQ==
alt-svc
h3=":443"; ma=86400
trinity.json
apex.go.sonobi.com/
327 B
2 KB
Fetch
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2234eb62a0c03248%22%3A%222921950d377bafd0f10c%7C300x250%2C320x50%2C300x100%2C320x100%7Cgpid%3D%2F322166814%2Fgo.reference_prebid%2Fgo_ay_dsk_ic_1%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fgo.reference.com%2F&s=371532b2-da8e-4a7b-a53d-317f71b7ba09&pv=094b53a2-0d98-4b96-bcf7-86eaf366f49d&vp=desktop&lib_name=prebid&lib_v=8.25.0&us=1&iqid=%7B%22pcid%22%3A%22a773188b-4534-402e-9f9b-b8282b25d68d%22%2C%22pcidDate%22%3A1704513449374%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22cce49b72-56ab-4943-bf94-2ccdc1996b64%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22go.reference.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22reference.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fgo.reference.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&eids=%5B%7B%22source%22%3A%22flashtalking.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a7ed8a0e71f34851bfa08b792a8a9ad8%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22HHID%22%3A%2227a8a7d57f1446d5bd882a0e16c31d22%22%2C%22DeviceID%22%3A%22a7ed8a0e71f34851bfa08b792a8a9ad8%22%2C%22SingleDeviceID%22%3A%22a7ed8a0e71f34851bfa08b792a8a9ad8%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%2C%22pba%22%3A%22TFqPbrddQwkkA02ND5%2BynA%3D%3D%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229765fe8e-c8b0-4bb2-892a-fbc3f70287d4%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
f735a4e08f24b55b51213d7a42591be83a73f6d891b0ee1ced0082d6c8e43335
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-49
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://go.reference.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
283
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
641ab9f7284b9911720b9b75
exchange.kueezrtb.com/prebid/multi/
0
288 B
Fetch
General
Full URL
https://exchange.kueezrtb.com/prebid/multi/641ab9f7284b9911720b9b75
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.76.4.232 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.4.232.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://go.reference.com
date
Sat, 06 Jan 2024 03:57:29 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/
12 KB
6 KB
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8941&site_id=493418&zone_id=2922930&size_id=15&alt_size_ids=19%2C43%2C117&eid_flashtalking.com=a7ed8a0e71f34851bfa08b792a8a9ad8%5E1&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=9765fe8e-c8b0-4bb2-892a-fbc3f70287d4%5E1&rf=https%3A%2F%2Fgo.reference.com%2F&tg_i.domain=go.reference.com&tg_i.page=https%3A%2F%2Fgo.reference.com%2F&tg_i.pbadslot=%2F322166814%2Fgo.reference_prebid%2Fgo_ay_dsk_ic_1&tk_flint=pbjs_lite_v8.25.0&x_source.tid=cce49b72-56ab-4943-bf94-2ccdc1996b64&l_pb_bid_id=38877ff88951b94&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=ddc23988-ab91-4b9e-8e76-ab29f665d071&rp_maxbids=1&p_gpid=%2F322166814%2Fgo.reference_prebid%2Fgo_ay_dsk_ic_1&m_ch_mobile=%3F0&slots=1&rand=0.4728385396499202
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f4061eb7e79447275c97c3d3d6e62b96390402127dfc44fbbf47993e8c1048c9

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://go.reference.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/
19 B
527 B
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.25.0&referrer=https%3A%2F%2Fgo.reference.com%2F&tmax=2500
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.65.92.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-92-53.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
accept-ch
sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile
content-type
application/json; charset=utf-8
access-control-allow-origin
https://go.reference.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/
0
158 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.147.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-147-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://go.reference.com
date
Sat, 06 Jan 2024 03:57:29 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebidjs
rtb.openx.net/openrtbb/
53 B
249 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
9272eb3ebe47f72d91fb37c0c2cf0d578568db279178120c9af87e0afd469205

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://go.reference.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/
53 B
617 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.reference.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:29 GMT
an-x-request-uuid
bda19394-21bc-405d-9898-f79ca164c64f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://go.reference.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.212; 193.32.248.212; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
53
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
metric
report2.hb.brainlyads.com/statistics/
463 B
751 B
Image
General
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&groups=1214
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:57:29 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
dye
track.kueezrtb.com/
0
31 B
Image
General
Full URL
https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=73c8c7f2b2e10516&sid=76cedfef3d5c14c8&pvi=e978f411a920f6cb&h=go.reference.com&wh=1600x1200&b=Chrome&bv=120.0.6099.129&dev=&os=Windows%2010&p=&cc=DE&ig=0&uri=%2F&furl=https%3A%2F%2Fgo.reference.com%2F&sr=1600x1200&type=latest:br&_=1704513449374&bidder=kueezrtb&at=display&v=1
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84110982be9971c4-FRA
dye
gtrack.kueezrtb.com/
0
31 B
Image
General
Full URL
https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=73c8c7f2b2e10516&sid=76cedfef3d5c14c8&pvi=e978f411a920f6cb&h=go.reference.com&wh=1600x1200&b=Chrome&bv=120.0.6099.129&dev=&os=Windows%2010&p=&cc=DE&ig=0&uri=%2F&furl=https%3A%2F%2Fgo.reference.com%2F&sr=1600x1200&type=latest:br&_=1704513449374&bidder=kueezrtb&at=display&v=1
Requested by
Host: go.reference.com
URL: https://go.reference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84110982be9c71c4-FRA
metric
report2.hb.brainlyads.com/statistics/
463 B
751 B
Image
General
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&groups=1214
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:57:29 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
error
api.assertcom.de/
0
308 B
Ping
General
Full URL
https://api.assertcom.de/error
Requested by
Host: k8svkbknrqzgecxff.ay.delivery
URL: https://k8svkbknrqzgecxff.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.203.123 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.123.203.130.94.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:30 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://go.reference.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
pd
ask-media-group-d.openx.net/w/1.0/ Frame 2E44
199 B
298 B
Document
General
Full URL
https://ask-media-group-d.openx.net/w/1.0/pd
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://go.reference.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
visitormatch
bh.contextweb.com/ Frame 4500
27 B
649 B
Document
General
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://go.reference.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-db744d8c7-ngzxs
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
/
sync.kueezrtb.com/api/sync/iframe/ Frame 77E3
109 B
422 B
Document
General
Full URL
https://sync.kueezrtb.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.203.185.21 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84

Request headers

Referer
https://go.reference.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
109
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
sync
cookies.nextmillmedia.com/ Frame 72C5
3 KB
3 KB
Document
General
Full URL
https://cookies.nextmillmedia.com/sync?type=iframe
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.177.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-177-11.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
cbb470390431a28455afefcded54718a12e0c0acfe31b79e1562f31d94d3cf1f

Request headers

Referer
https://go.reference.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
2981
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
server
fasthttp
/
s.0cf.io/ Frame F054
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://go.reference.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
MISS
cf-ray
8411098d9aa8b914-AMS
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zq44f32yUf8ch7BQ2qXwUABAVU27lYlOZCdXWTevS4VoQBl4ZpmxdKfjHJosn0u8MhdWH%2FRcSEEz9uOHhx1cUDL6yFX8JwdGAldudfZ%2B8YqZDz5zbaDB4tt9V8BnYoyyiY1BU7okvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A6D2
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=163714
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://go.reference.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55738
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 19:26:29 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 9891
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bZnMmSbVGr7R8XrkHcnlKl&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Referer
https://go.reference.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 06 Jan 2024 03:57:30 GMT
server
33XP001
x-33x-status
2000208
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3A37
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://go.reference.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
81082
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 06 Jan 2024 03:57:31 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 05 Jan 2024 05:26:09 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
281, 409637
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230095-FRA
X-Timer
S1704513451.125234,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 2E75
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://go.reference.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jan 2024 03:57:31 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 20E2
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://go.reference.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sat, 06 Jan 2024 03:57:31 GMT
checksync.php
contextual.media.net/ Frame 214F
22 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUFXJ2G5&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c0c7d68a9f51e7fefe28c0a5adb80bb410f010a8814e5c3f9090de67b79dd8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://go.reference.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
8078
content-type
text/html; charset=UTF-8
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Mon, 08 Jan 2024 03:57:31 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
sync.cootlogix.com/api/sync/iframe/ Frame E476
109 B
422 B
Document
General
Full URL
https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
137.184.28.190 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84

Request headers

Referer
https://go.reference.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
109
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
iframe
sync.colossusssp.com/ Frame AA6F
0
0

rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=fb2d1f27-d30e-4875-bd33-cbe720e6a157&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=UURacVZNLWRnREtJS19ad2haLTVKUQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEB2_32kKVej-Ho7M55JOglU&google_cver=1
49 B
485 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEB2_32kKVej-Ho7M55JOglU&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-jrxfr
expires
-1

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEB2_32kKVej-Ho7M55JOglU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.7.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-7-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
9.gif
id5-sync.com/s/441/
43 B
920 B
Image
General
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 06 Jan 2024 03:57:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
PugMaster
image6.pubmatic.com/AdServer/ Frame A6D2
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33011481&p=163714&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=163714
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 2E75
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
205fc00c492a5bbdfc7d8fd5c52611a8e2acb2a48f8447433dfa8f6d2b0c65fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:57:31 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 03:37:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85196
Connection
keep-alive
Content-Length
13174
Expires
Sun, 07 Jan 2024 03:37:27 GMT
/
ssc-cms.33across.com/ps/ Frame 7368
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP015 /
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 06 Jan 2024 03:57:30 GMT
server
33XP015
x-33x-status
2000208
setuid
cookies.nextmillmedia.com/ Frame C7A4
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdp...
  • https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
0
0
Document
General
Full URL
https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.177.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-177-11.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
server
fasthttp

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
location
https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
server
envoy
x-envoy-upstream-service-time
0
setuid
pbs.nextmillmedia.com/ Frame 1B10
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcookies.nextmillmedia.com%252Fsetuid%253Fbidder%253Dappnexus%2526nmuid%253D%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526u...
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=6241680270365964486
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=6241680270365964486
86 B
395 B
Document
General
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=6241680270365964486
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.49.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-49-158.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=6241680270365964486
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame 2275
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_conse...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr...
  • https://cookies.nextmillmedia.com/setuid?bidder=grid&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=00b9d0ef-cdf3-4958-b731-562f8da30b68
  • https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=00b9d0ef-cdf3-4958-b731-562f8da30b68
86 B
412 B
Document
General
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=00b9d0ef-cdf3-4958-b731-562f8da30b68
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.49.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-49-158.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=00b9d0ef-cdf3-4958-b731-562f8da30b68
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame 4B79
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26g...
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fgpp%3D%257B%257B.GPP%257D%257D%26bidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D...
  • https://cookies.nextmillmedia.com/setuid?gpp=%7B%7B.GPP%7D%7D&bidder=ix&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=ZZjPq0UqzPfZbB8OJFI9vgAA%265199
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZZjPq0UqzPfZbB8OJFI9vgAA&5199
0
292 B
Document
General
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZZjPq0UqzPfZbB8OJFI9vgAA&5199
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.49.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-49-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZZjPq0UqzPfZbB8OJFI9vgAA&5199
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame 3058
Redirect Chain
  • https://csync.loopme.me/?pubid=11364&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%...
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=e09056bf-75fa-4fad-b8b8-f9ecd331dd94&gdpr_consent=null&gdpr=null
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=e09056bf-75fa-4fad-b8b8-f9ecd331dd94
86 B
414 B
Document
General
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=e09056bf-75fa-4fad-b8b8-f9ecd331dd94
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.49.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-49-158.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=e09056bf-75fa-4fad-b8b8-f9ecd331dd94
server
fasthttp
prebid
rtb.openx.net/sync/ Frame 76A9
43 B
182 B
Document
General
Full URL
https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 06 Jan 2024 03:57:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
via
1.1 google
ImgSync
image8.pubmatic.com/AdServer/ Frame 41F0
0
39 B
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%23PMUID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sat, 06 Jan 2024 03:57:30 GMT
usync.html
eus.rubiconproject.com/ Frame E735
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid=
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jan 2024 03:57:31 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
server
AkamaiGHost
pixel
ap.lijit.com/ Frame 4638
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.55.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-55-170.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Sat, 06 Jan 2024 03:57:31 GMT
getuid
eb2.3lift.com/ Frame B117
0
37 B
Document
General
Full URL
https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
pbsync
ads.yieldmo.com/ Frame DE22
0
0
Document
General
Full URL
https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.175.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-175-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
getuidj
ib.adnxs.com/ Frame F054
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj
  • https://ib.adnxs.com/getuidj
29 B
870 B
Fetch
General
Full URL
https://ib.adnxs.com/getuidj
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
3553aadfc34476c6bbcd41387145b17ed6cdc55544e09b664a37a0c9395b1cf7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:31 GMT
an-x-request-uuid
388e7710-987d-4932-bd47-7795ae598093
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://s.0cf.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.212; 193.32.248.212; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:31 GMT
an-x-request-uuid
2b0db014-1dba-415d-9f36-cf7b534c28fa
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://s.0cf.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ib.adnxs.com/getuidj
x-proxy-origin
193.32.248.212; 193.32.248.212; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
s.0cf.io/ Frame 9F2E
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D76%26uid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D76%26uid%3D%24UID
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5714
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
84110990cd763620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1BMjO5ylSV9bSIsi0HU0zxK%2BrL%2B%2FYkZrW09LlPEQAvqzYxB9ZJWMHL4pfEcsJBG%2FvVttzm1HJneGp%2Bf9%2BHtK6jbbt0A8NLQ8Pm%2FZyICkUA%2FXfBHSLtz0nZ%2FtZb0fXw0uzIDj3zbiA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=76&uid=2464080405936714194217
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
getuids
prebid-server.rubiconproject.com/ Frame F054
43 B
347 B
Fetch
General
Full URL
https://prebid-server.rubiconproject.com/getuids
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
7f119acdb43a02637ad03afd15c4689163f5560418d28283fc1c9f5bd08de347

Request headers

Referer
https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json;charset=utf-8
access-control-allow-origin
https://s.0cf.io
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
69
Expires
0
rid
match.adsrvr.org/track/ Frame F054
63 B
416 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
a7c8ca0a331604956c4ae35a7c31a920702d595ca726f3056937aa851f614c3f

Request headers

Referer
https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://s.0cf.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Mon, 05 Feb 2024 03:57:31 GMT
connectmyusers.php
cdn.connectad.io/ Frame B9A7
1 KB
864 B
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2093
alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
84110990ed7a9b1f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 06 Jan 2024 03:57:31 GMT
last-modified
Sat, 06 Jan 2024 03:22:38 GMT
server
cloudflare
vary
Accept-Encoding
current
prebid-match.dotomi.com/match/bounce/ Frame 2766
0
0
Document
General
Full URL
https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D10%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private, max-age=0, no-store
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
0
pragma
no-cache
server
nginx
prbds2s
rtb.gumgum.com/usync/ Frame FC2A
3 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.183.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-183-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
01cd6a401a5578d08267072b206145078cfdaef7cedb4f688c2ad94d42dcdcd6

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 06 Jan 2024 03:57:31 GMT
etag
W/"055563e532830676da6a69ec5e0b9c535"
server
nginx
timing-allow-origin
*
/
s.0cf.io/ Frame 3732
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D74%26uid%3D
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5714
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
84110990bd713620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1INjfRtsASltxxafrKmNfbZOZy6LMtGGoBgWBJZUyvw2p0kza9X%2ByF5AvjA0%2F3zcRmf0lULEao0uemMTK8hEG8%2BWll2aORL9uz02xLsWTz9jpUaiqM3cJoqJ7CXiE9CTEK3ft1xrA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8411099069284516-TXL
content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
0
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=74&uid=ZZjPq0UqzPfZbB8OJFI9vgAA%265199
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxBL1Wefy1dPyFVsbsaxMyx4AP2e%2F%2FI%2B1jnGp0bJOhIyTsWrD%2BTwWCLCvwHAmFR4OgVg8OfeK9BBHEbYIHm8AcmACtNlHmO%2Feg4OQoEVrpax8NeS0dkzfQ1oOD7vWVHyE2IqOdnP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
prebid
rtb.openx.net/sync/ Frame 56AD
43 B
58 B
Document
General
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D19%26uid%3D%24%7BUID%7D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 06 Jan 2024 03:57:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
via
1.1 google
pixel
ap.lijit.com/ Frame FD7A
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D25%26uid%3D%24UID
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.55.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-55-170.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Sat, 06 Jan 2024 03:57:31 GMT
us.gif
sync.go.sonobi.com/ Frame D2D3
49 B
368 B
Document
General
Full URL
https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D26%26uid%3D%5BUID%5D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, private
content-length
49
content-type
image/gif
date
Sat, 06 Jan 2024 03:57:32 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-49
x-xss-protection
0
/
s.0cf.io/ Frame FE7E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D22%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1704513451673
  • https://ad.turn.com/r/cs?pid=45&rndcb=5666793734
  • https://sync.1rx.io/usersync/turn/7002654825162653195?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-32fa614d-2a1d-4521-b76c-b84aa0a674a5-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D22%26uid%3DRX-32fa614d-2a1d-4521...
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5715
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
841109938ecb3620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:32 GMT
expires
Sat, 06 Jan 2024 04:27:32 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwtZ8scIMbWAY%2FysBcNuzlkN1YibW3PvT7dzd%2BTp6gcwtfBU3bMjICXivmK%2FZJT%2BcAuSyzY15zJVrQq3gsv8FwX11cgWTHVlKQl%2FH9vnMNVg5oqRS93z%2F%2FOKU6XWrV3CnUA3h7fICQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Sat, 06 Jan 2024 03:57:32 GMT
etag
RX32fa614d2a1d4521b76cb84aa0a674a5003
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=22&uid=RX-32fa614d-2a1d-4521-b76c-b84aa0a674a5-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
occ
ups.analytics.yahoo.com/ups/58448/ Frame FADD
0
0
Document
General
Full URL
https://ups.analytics.yahoo.com/ups/58448/occ?uid=2164baaad84325477%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Sat, 06 Jan 2024 03:57:31 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
/
s.0cf.io/ Frame E29C
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D81%26uid%3D
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5714
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
84110990ad6b3620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXCIQR43Y9V8q6Npc34694hjHTdpbEO7slrjw8uus1KDsVYzSdy5VYkjZYZrVlDH%2BPYZAhtfrai50%2FYiJmJ3ZgzwY1%2B5yYMDAP%2Fc4GJtBrOiHzZdJDk07SIcvQBaaCNAapxSq6pNWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=81&uid=?gdpr=0&gdpr_consent=0
server
envoy
x-envoy-upstream-service-time
0
/
onetag-sys.com/usync/ Frame 686B
0
95 B
Document
General
Full URL
https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
content-length
0
strict-transport-security
max-age=15552000
getsync
ads.servenobid.com/ Frame F054
9 B
291 B
Fetch
General
Full URL
https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=0&us_privacy=0&format=json
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.111.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-111-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
72d427b7264997760074a94dcc1c9e54ae2c33b05276bfb3cfcd0f5d2d8bba3a

Request headers

Referer
https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
amp-access-control-allow-source-origin
*
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
https://s.0cf.io
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
9
/
ssc-cms.33across.com/ps/ Frame FEE7
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D1%26uid%3D33XUSERID33X
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP013 /
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
server
33XP013
x-33x-status
2000208
ImgSync
image8.pubmatic.com/AdServer/ Frame 8FD5
0
42 B
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sat, 06 Jan 2024 03:57:29 GMT
/
s.0cf.io/ Frame 46E1
Redirect Chain
  • https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D21%26uid%3D%25%25VGUID%25%25
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5714
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
84110990ad6d3620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oj%2FHwzslpbcgkThFOTXcGrwqVYDXRJ6teQHgCtjw2hukEsNQrHFF%2BDY%2BtMqqihhkT104kkbE92evubeMUTjkzJOT0J7xkcO9xaK9FjErZchvJq%2BimTMq%2FyBODLsb5C2LfautgtBO9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
cw-server
bh-deployment-db744d8c7-jrxfr
expires
-1
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=21&uid=SNqEiQ8eXqMK&ev=1&pid=561205
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
v1
match.sharethrough.com/universal/ Frame 870E
0
0
Document
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=Uj448boa
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.6.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-6-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
/
s.0cf.io/ Frame 7143
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D82%26uid%3D%5Bssb_s...
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5714
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
841109917dd53620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsEO0moJhXB6Iw6AHSA6gG7ur1ibOSBj3fjeKSb2CTW5uEa%2FwArHg3savc2pOhTikXBS5vrkz0hv71Tp8G5fBboUP%2BG00u0lVXJau0FSN0D%2B%2FJlft8Id6lg8LAs6XOUivCl2%2Ff2QRw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

content-length
0
date
Sat, 06 Jan 2024 03:57:30 GMT
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=82&uid=8485525874604977624
/
s.0cf.io/ps/ Frame 1A92
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=datablocks_inc&google_hm=2164baaad843254&dbid=2164baaad843254
  • https://s.0cf.io/ps/?dbid=2164baaad843254
2 B
488 B
Document
General
Full URL
https://s.0cf.io/ps/?dbid=2164baaad843254
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d74beec1be996322ad76813bafb92d40839895d6dd7ee808b17ca201eac98be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
MISS
cf-ray
84110990ed823620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Mon, 04 Oct 2021 18:28:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAda%2B8rSRbcdYWLcVbGoBe2n07q2D6Xmbnj8owDWZbRAWQZBpcK5Y4tdv%2F1BAbdtCzxYHgYoAGfjmQvViwugQpKfGs%2B8MxglwIEq%2FHsz8xcryGnaxAw87lDVNZ%2BWfJF4qqtwlOSb8w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
315
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://s.0cf.io/ps/?dbid=2164baaad843254#ps=true&id=666&uid=CAESELn8HjgsJabW2ZiCxxy34Nk&cver=1&error=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
/
s.0cf.io/ Frame 45D0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D61%26uid%3D%5BMM_UUID%5D
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5715
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
841109933ea83620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:32 GMT
expires
Sat, 06 Jan 2024 04:27:32 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pECOH%2FoZEfgdMq5k%2B7dnNecvwIATdlTmJYYJjGc6ep8Br8o5iXRaWxA2mYCf7QlDHAvpbArlrTO8TqNGWRJ7LwD4z%2F7FoGLyJrB9rA9E5niqydSl5ZlyFo6fmTUWKkSLzNc3JufozA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 06 Jan 2024 03:57:31 GMT
Expires
Sat, 06 Jan 2024 03:57:30 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master ord ord-pixel-x22 config_version:"2224"
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=61&uid=23ac6598-cfac-4b00-9c07-89faf10d07ea&gdpr=0&gdpr_consent=0
/
s.0cf.io/ Frame 0881
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D...
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5714
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
841109927e513620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cA0qq1jAF5uDWU5Bp8bHGhAWNqCyBinXz%2FGDSr3A%2BbsHMh43DOdz5p5GstamrRItPtlxvd%2Fhj9UV97cvfdQ0vweov49qNYFmqgVyaZcbwYWqg2WSMDK41WXfWjfTJho8okH4Snp7Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 03:57:31 GMT
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=88&uid=0000EEA
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
usync.js
eus.rubiconproject.com/ Frame E735
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
205fc00c492a5bbdfc7d8fd5c52611a8e2acb2a48f8447433dfa8f6d2b0c65fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:57:31 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 03:37:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85196
Connection
keep-alive
Content-Length
13174
Expires
Sun, 07 Jan 2024 03:37:27 GMT
usersync
usersync.gumgum.com/ Frame FC2A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6241680270365964486
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6241680270365964486
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:31 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:31 GMT
an-x-request-uuid
c0041eb5-1bc3-43b6-833c-d19dd2f67094
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=6241680270365964486
x-proxy-origin
193.32.248.212; 193.32.248.212; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame FC2A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_04f80e4a-b938-4b93-9907-9c23869f8b6d&gdpr=0&gdpr_consent=0&us_privacy=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=00b9d0ef-cdf3-4958-b731-562f8da30b68&gdpr=0&gdpr_consent=0&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=0&user_group=0&user_id=&ssp=gumgum2&bsw_param=00b9d0ef-cdf3-4958-b731-562f8da30b68
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=0&user_group=0&user_id=&ssp=gumgum2&bsw_param=00b9d0ef-cdf3-4958-b731-562f8da30b68
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Server
18.159.7.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-7-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=0&user_group=0&user_id=&ssp=gumgum2&bsw_param=00b9d0ef-cdf3-4958-b731-562f8da30b68
date
Sat, 06 Jan 2024 03:57:31 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame FC2A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=ddab835f-76c6-4b07-b58d-5ebbce6fd516&gdpr=0&gdpr_consent=0
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=ddab835f-76c6-4b07-b58d-5ebbce6fd516&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:31 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 06 Jan 2024 03:57:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=ddab835f-76c6-4b07-b58d-5ebbce6fd516&gdpr=0&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame FC2A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d5c470bd-3156-5bab-7650-933f58eef2af$ip$193.32.248.212
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-d5c470bd-3156-5bab-7650-933f58eef2af$ip$193.32.248.212
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-d5c470bd-3156-5bab-7650-933f58eef2af$ip$193.32.248.212
Date
Sat, 06 Jan 2024 03:57:32 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame FC2A
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:4a2f:8181:9d4c:7740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame FC2A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...
  • https://usersync.gumgum.com/usersync?b=vnt&i=4d5e7385-4b88-4178-8e68-480db3577b86
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=4d5e7385-4b88-4178-8e68-480db3577b86
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=4d5e7385-4b88-4178-8e68-480db3577b86
Date
Sat, 06 Jan 2024 03:57:32 GMT
Connection
keep-alive
X-CI-RTID
74a0d776-b07f-466f-aede-587a6ec8ab27
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame FC2A
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame FC2A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_04f80e4a-b938-4b93-9907-9c23869f8b6d&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
102
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame FC2A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=mIOyCSO6jsys&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=mIOyCSO6jsys&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Server
18.200.183.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-183-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:31 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=mIOyCSO6jsys&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-jrxfr
expires
-1
usersync
usersync.gumgum.com/ Frame FC2A
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0
  • https://usersync.gumgum.com/usersync?b=sad&i=6502715438851894600
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6502715438851894600
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6502715438851894600
date
Sat, 06 Jan 2024 03:57:31 GMT
content-length
0
usersync
usersync.gumgum.com/ Frame F4B0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
  • https://usersync.gumgum.com/usersync?b=adf&i=6880871995993698701&gdpr=0&gdpr_consent=0
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=6880871995993698701&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 06 Jan 2024 03:57:31 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=6880871995993698701&gdpr=0&gdpr_consent=0
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 48A8
170 B
243 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wNGY4MGU0YS1iOTM4LTRiOTMtOTkwNy05YzIzODY5ZjhiNmQ=&gdpr=0&gdpr_consent=0&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 231E
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55738
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 19:26:29 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 0202
70 B
148 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sat, 06 Jan 2024 03:57:31 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 3253
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZjPrMCo5sAAAAfQgYwAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZZjPrMCo5sAAAAfQgYwAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 06 Jan 2024 03:57:32 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 06 Jan 2024 03:57:32 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZZjPrMCo5sAAAAfQgYwAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad367.dc4p.scaleout.jp
X-SO-IP
193.32.248.212
X-SO-Key
ZZjPrMCo5sAAAAfQgYwAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZZjPrMCo5sAAAAfQgYwAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad367"}
X-SO-LB-Hostname
a-tgng40002.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad367
usersync
usersync.gumgum.com/ Frame B01E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=x4RqQwkmpMLLbvxCirlf5iVesk90GM5lrw6tdgrRUJY&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=x4RqQwkmpMLLbvxCirlf5iVesk90GM5lrw6tdgrRUJY&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 06 Jan 2024 03:57:31 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT Sat, 06 Jan 2024 03:57:31 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=x4RqQwkmpMLLbvxCirlf5iVesk90GM5lrw6tdgrRUJY&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 35F3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jan 2024 03:57:31 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
/
s.0cf.io/ Frame C466
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5714
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
84110990dd7f3620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spQpFiRkoz1v1rVrzAL%2Fp8etXXy4lPM%2FT6B7HYVvCNrqKUnb%2FHY9b5Lhi%2B17wa90yYd8hppNK3Cg1005HFu5l0wlHQHMoOTRJRXY2QzOVqgy%2Bycs%2B0kltGqiolZ52gsykrF7%2FDS27A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 35F3
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
205fc00c492a5bbdfc7d8fd5c52611a8e2acb2a48f8447433dfa8f6d2b0c65fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:57:31 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 03:37:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85196
Connection
keep-alive
Content-Length
13174
Expires
Sun, 07 Jan 2024 03:37:27 GMT
1
sync-eu.connectad.io/syncer/ Frame 72CE
0
0
Document
General
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
841109918daf9b1f-FRA
content-type
text/html; charset=UTF-8
date
Sat, 06 Jan 2024 03:57:31 GMT
server
cloudflare
vary
Accept-Encoding Origin
getuidj
ib.adnxs.com/ Frame E29C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj
  • https://ib.adnxs.com/getuidj
29 B
869 B
Fetch
General
Full URL
https://ib.adnxs.com/getuidj
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
3553aadfc34476c6bbcd41387145b17ed6cdc55544e09b664a37a0c9395b1cf7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.0cf.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:31 GMT
an-x-request-uuid
725a9b35-6edf-4a1e-bb94-037bfe2e3ed2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://s.0cf.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.212; 193.32.248.212; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:31 GMT
an-x-request-uuid
c6490fd3-866f-440e-9204-6a8207d58ecd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://s.0cf.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ib.adnxs.com/getuidj
x-proxy-origin
193.32.248.212; 193.32.248.212; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
s.0cf.io/ Frame D2F2
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D76%26uid%3D%24UID
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5714
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
841109922e2a3620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fn3kfVAzZLnJOnw9DdfAFkeZwdZkhnog4q2U6FfjahZt2DfRDc%2FciviFzxIRH%2BPvV37inidBo3Lo3BewWV8c79osL7OBMSKfADf1BQkM6JDYvH1n0rfc86gm%2BqgOCWiPUSN97HtLTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=76&uid=2464080405936714194217
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
getuids
prebid-server.rubiconproject.com/ Frame E29C
43 B
347 B
Fetch
General
Full URL
https://prebid-server.rubiconproject.com/getuids
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
7f119acdb43a02637ad03afd15c4689163f5560418d28283fc1c9f5bd08de347

Request headers

Referer
https://s.0cf.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json;charset=utf-8
access-control-allow-origin
https://s.0cf.io
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
69
Expires
0
rid
match.adsrvr.org/track/ Frame E29C
63 B
416 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
a7c8ca0a331604956c4ae35a7c31a920702d595ca726f3056937aa851f614c3f

Request headers

Referer
https://s.0cf.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://s.0cf.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Mon, 05 Feb 2024 03:57:31 GMT
connectmyusers.php
cdn.connectad.io/ Frame 3D0F
1 KB
715 B
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2093
alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
841109918dae9b1f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 06 Jan 2024 03:57:31 GMT
last-modified
Sat, 06 Jan 2024 03:22:38 GMT
server
cloudflare
vary
Accept-Encoding
current
prebid-match.dotomi.com/match/bounce/ Frame 2040
0
0
Document
General
Full URL
https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D10%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private, max-age=0, no-store
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
0
pragma
no-cache
server
nginx
prbds2s
rtb.gumgum.com/usync/ Frame 788F
3 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.183.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-183-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
46a9a92f2c9cd5e5fd4dc6de3234be3028246f278ed1648370aae94a024b1dba

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 06 Jan 2024 03:57:31 GMT
etag
W/"018fba46861f3ac12ffbd06e3810a4fbd"
server
nginx
timing-allow-origin
*
/
s.0cf.io/ Frame F12B
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D74%26uid%3D
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5714
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
841109922e303620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJU7TDCwQAwQ%2FtJ8SgQnXJaiL1qqj1IxoIojXAUhQx5mmweuPTPUK7UOCsW2iCLc7Vj2o9ToOkB2bQb8my4kBg2ONVTxUtiVE55nTMKNp6qDwtOS5NgAgM9o0qIUgqQvGWhJmiPNvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8411099179d34516-TXL
content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
0
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=74&uid=ZZjPq0UqzPfZbB8OJFI9vgAA%265199
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhQiotBxqo5BiQoKYV6uXuN0YJBO%2F%2FV63CApHyO9xpt13Kt3JbmiJFSYm5BynOwcUpfQrmQUvM5MpKSWc1Q9kDglFRYCwrO0FgfSOZKpNPLq5AKGpnBHujPzLfwGSxmWT%2FjATEKb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
prebid
rtb.openx.net/sync/ Frame 2633
43 B
58 B
Document
General
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D19%26uid%3D%24%7BUID%7D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 06 Jan 2024 03:57:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
via
1.1 google
pixel
ap.lijit.com/ Frame C104
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D25%26uid%3D%24UID
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.55.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-55-170.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Sat, 06 Jan 2024 03:57:31 GMT
us.gif
sync.go.sonobi.com/ Frame 22F6
49 B
367 B
Document
General
Full URL
https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D26%26uid%3D%5BUID%5D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, private
content-length
49
content-type
image/gif
date
Sat, 06 Jan 2024 03:57:32 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-49
x-xss-protection
0
/
s.0cf.io/ Frame D88B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D22%26uid%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=1728500877
  • https://sync.1rx.io/usersync/turn/3976517350546390539?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-32fa614d-2a1d-4521-b76c-b84aa0a674a5-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D22%26uid%3DRX-32fa614d-2a1d-4521...
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5715
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
841109938ec93620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:32 GMT
expires
Sat, 06 Jan 2024 04:27:32 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCBakMCValolE%2BDWGg0Qsa%2B7zj6eUEsy6KZAfFuFzzmq6FlpIMQPUm2lndUz4%2Bc0%2Bml6G9Jf61OGRaTxU%2BdYKshzKsIZllIX8ivleZ92a%2FCPITUTzkvQrmbgVOfEQZdRzu04j4wVXw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Sat, 06 Jan 2024 03:57:32 GMT
etag
RX32fa614d2a1d4521b76cb84aa0a674a5003
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=22&uid=RX-32fa614d-2a1d-4521-b76c-b84aa0a674a5-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
occ
ups.analytics.yahoo.com/ups/58448/ Frame 9879
0
0
Document
General
Full URL
https://ups.analytics.yahoo.com/ups/58448/occ?uid=2164baaad84325477%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Sat, 06 Jan 2024 03:57:31 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
/
s.0cf.io/ Frame 130D
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D81%26uid%3D
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5714
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
841109922e2c3620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyfLpkV8ROSRdklLWBBGT7OCO6wZiq9jJhd1zb%2BRmPy5jT1%2FazvZ25sBt16z22mOZjPUV38i05bhlrG%2Bp4vtJd29F8V%2FsN%2BmDdb1UVZF0REa6PovjVdYlI7EZFAVOzdQxxJPaNRlBg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=81&uid=?gdpr=0&gdpr_consent=0
server
envoy
x-envoy-upstream-service-time
0
/
onetag-sys.com/usync/ Frame D215
0
94 B
Document
General
Full URL
https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
content-length
0
strict-transport-security
max-age=15552000
getsync
ads.servenobid.com/ Frame E29C
9 B
290 B
Fetch
General
Full URL
https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=0&us_privacy=0&format=json
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.111.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-111-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
72d427b7264997760074a94dcc1c9e54ae2c33b05276bfb3cfcd0f5d2d8bba3a

Request headers

Referer
https://s.0cf.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
amp-access-control-allow-source-origin
*
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
https://s.0cf.io
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
9
/
ssc-cms.33across.com/ps/ Frame 411A
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D1%26uid%3D33XUSERID33X
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP007 /
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
server
33XP007
x-33x-status
2000208
ImgSync
image8.pubmatic.com/AdServer/ Frame 3AC6
0
39 B
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sat, 06 Jan 2024 03:57:30 GMT
/
s.0cf.io/ Frame CCDF
Redirect Chain
  • https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D21%26uid%3D%25%25VGUID%25%25
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5714
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
841109922e2d3620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVmj63joNsxmhEGNP1M3VrghzmQx5%2B0PaUmiqIzU1%2FhIrM7Idpf0B2OexOxJuKqPgCe%2BlA%2FsQ1LD%2FhQ%2B2cHcFndSEKMRhpuh4BswQJ6xLD1GpC0JgzhQbHcBnuWhOwtFwnDHnOIvvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
cw-server
bh-deployment-db744d8c7-jrxfr
expires
-1
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=21&uid=qTLU1osbtDH1&ev=1&pid=561205
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
v1
match.sharethrough.com/universal/ Frame 4FB4
0
0
Document
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=Uj448boa
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.6.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-6-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
/
s.0cf.io/ Frame FFBC
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D82%26uid%3D%5Bssb_s...
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5714
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
841109923e313620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhUFTFmg%2Bu1KZTkciPV%2F%2FjZ8YlKmDLaw7RY19KnPjg0i%2Be5lMpbXBETjzLTJm%2FhCBHQCF3%2FXLmvn4%2FjRqgJHaOaE1%2BR3IC%2BGZLKuTCkGfVNaOAAp417XtHxpgkyv5v7Tan7%2BReUPag%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=82&uid=8485525874604977624
/
s.0cf.io/ps/ Frame 0636
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=datablocks_inc&google_hm=2164baaad843254&dbid=2164baaad843254
  • https://s.0cf.io/ps/?dbid=2164baaad843254
2 B
487 B
Document
General
Full URL
https://s.0cf.io/ps/?dbid=2164baaad843254
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d74beec1be996322ad76813bafb92d40839895d6dd7ee808b17ca201eac98be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
841109923e323620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Mon, 04 Oct 2021 18:28:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYqgoyUxjd8LSBaWWSVUeFtNSlxIl3j4ipV7uw3uz97W%2BZ198nUrdzgx9Jlr3IU9rAmvbc4gaUnzK29vo7TSRg41nWDD%2B7a8N%2Bmt6WZ%2BYyzmCMMYjLjHImPfHksp9fMs7NbxIuIL0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
315
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://s.0cf.io/ps/?dbid=2164baaad843254#ps=true&id=666&uid=CAESELn8HjgsJabW2ZiCxxy34Nk&cver=1&error=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
/
s.0cf.io/ Frame 4977
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D61%26uid%3D%5BMM_UUID%5D
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5715
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
841109940f183620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:32 GMT
expires
Sat, 06 Jan 2024 04:27:32 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCM8hhndrzqNGMbtsVVvyS1%2BAJ4qxY%2FTF%2Bn6lyrHONoh8ap7gWPLVYboF7RKL%2F%2F9p1Iq5O4KYOJ1nrCjDHoEY1d5WgPNtKmFibOBcAWfBtiWURDPj1BmeScTAQCn2Hdvm%2B%2BEF8Mhhg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 06 Jan 2024 03:57:32 GMT
Expires
Sat, 06 Jan 2024 03:57:31 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master ord ord-pixel-x10 config_version:"2224"
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=61&uid=26de6598-cfac-4b00-bf2a-f61f23e3e5ee&gdpr=0&gdpr_consent=0
/
s.0cf.io/ Frame 8981
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D...
  • https://s.0cf.io/
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5715
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
841109938ec83620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:32 GMT
expires
Sat, 06 Jan 2024 04:27:32 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FqZnzFRMHdyzSFQMWXYEsIgSqluTzu%2FIuiG20gbHrUcJH1OE21v6%2FY0%2Fn5TTnY8OGnsu%2ByCNT8OQhtwP5iKu4oIQhPEjvS0yeue%2FX5%2FHsybfuVqLfB9qFyES0okq54jk0DLWxKLdw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Sat, 06 Jan 2024 03:57:32 GMT
expires
Sat, 06 Jan 2024 03:57:32 GMT
location
https://s.0cf.io/#ps=true&dbid=2164baaad843254&id=88&uid=0000EEA
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
khaos.json
token.rubiconproject.com/ Frame 2E75
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
usersync
usersync.gumgum.com/ Frame 788F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6241680270365964486
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6241680270365964486
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:31 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:31 GMT
an-x-request-uuid
15b4b24b-9d4a-40e3-b5dd-37acb9740c03
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=6241680270365964486
x-proxy-origin
193.32.248.212; 193.32.248.212; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
ads.avct.cloud/ Frame 788F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_04f80e4a-b938-4b93-9907-9c23869f8b6d&gdpr=0&gdpr_consent=0&us_privacy=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
0
0

usersync
usersync.gumgum.com/ Frame 788F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=ddab835f-76c6-4b07-b58d-5ebbce6fd516&gdpr=0&gdpr_consent=0
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=ddab835f-76c6-4b07-b58d-5ebbce6fd516&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 06 Jan 2024 03:57:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=ddab835f-76c6-4b07-b58d-5ebbce6fd516&gdpr=0&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 788F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d5c470bd-3156-5bab-7650-933f58eef2af$ip$193.32.248.212
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-d5c470bd-3156-5bab-7650-933f58eef2af$ip$193.32.248.212
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-d5c470bd-3156-5bab-7650-933f58eef2af$ip$193.32.248.212
Date
Sat, 06 Jan 2024 03:57:32 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 788F
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:4a2f:8181:9d4c:7740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame 788F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...
  • https://usersync.gumgum.com/usersync?b=vnt&i=15ff2319-7f3f-4591-bbd9-6f9f40671337
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=15ff2319-7f3f-4591-bbd9-6f9f40671337
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=15ff2319-7f3f-4591-bbd9-6f9f40671337
Date
Sat, 06 Jan 2024 03:57:32 GMT
Connection
keep-alive
X-CI-RTID
1e04930c-83bd-4d5b-b490-fd064e63425b
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 788F
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 788F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_04f80e4a-b938-4b93-9907-9c23869f8b6d&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
102
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 788F
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0
  • https://usersync.gumgum.com/usersync?b=sad&i=8485525874604977624
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8485525874604977624
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8485525874604977624
date
Sat, 06 Jan 2024 03:57:31 GMT
content-length
0
usersync
usersync.gumgum.com/ Frame DD8B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0
  • https://usersync.gumgum.com/usersync?b=adf&i=3600685581935743263&gdpr=0&gdpr_consent=0
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=3600685581935743263&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 06 Jan 2024 03:57:31 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=3600685581935743263&gdpr=0&gdpr_consent=0
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame F801
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wNGY4MGU0YS1iOTM4LTRiOTMtOTkwNy05YzIzODY5ZjhiNmQ=&gdpr=0&gdpr_consent=0&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D9A4
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55738
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 19:26:29 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 8EA7
70 B
148 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sat, 06 Jan 2024 03:57:31 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 9E58
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZjPrMCo5ukAAG3xuHMAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZZjPrMCo5ukAAG3xuHMAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 06 Jan 2024 03:57:32 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 06 Jan 2024 03:57:32 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZZjPrMCo5ukAAG3xuHMAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad419.dc4p.scaleout.jp
X-SO-IP
193.32.248.212
X-SO-Key
ZZjPrMCo5ukAAG3xuHMAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZZjPrMCo5ukAAG3xuHMAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad419"}
X-SO-LB-Hostname
a-tgng40018.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad419
usersync
usersync.gumgum.com/ Frame 3EB7
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=uHaivwvLBJ5YPIj1n0ONwgiu9hEkT8HIrk0y2_36kRA&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=uHaivwvLBJ5YPIj1n0ONwgiu9hEkT8HIrk0y2_36kRA&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 06 Jan 2024 03:57:32 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT Sat, 06 Jan 2024 03:57:31 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=uHaivwvLBJ5YPIj1n0ONwgiu9hEkT8HIrk0y2_36kRA&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame AD40
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jan 2024 03:57:31 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
/
s.0cf.io/ Frame 3C50
38 KB
14 KB
Document
General
Full URL
https://s.0cf.io/
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5714
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
841109924e403620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Sat, 06 Jan 2024 04:27:31 GMT
last-modified
Tue, 05 Sep 2023 18:57:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFNxr6a2%2BcCmsF%2FhYjhh9T34so6Dt7Qlqjo3ZKO1uTLFECVfjr%2BmRxOi%2BfFeHMUGIB6%2FjTcZpyQB1I8qU6mSbDSWgBI%2B%2FPhSC8HCxoVxSzj1OLNQ1O%2B6lTiKhd4zYZwEHrCjP%2FtdHg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame AD40
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
205fc00c492a5bbdfc7d8fd5c52611a8e2acb2a48f8447433dfa8f6d2b0c65fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:57:31 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 03:37:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85196
Connection
keep-alive
Content-Length
13174
Expires
Sun, 07 Jan 2024 03:37:27 GMT
getuidj
ib.adnxs.com/ Frame 130D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj
  • https://ib.adnxs.com/getuidj
29 B
869 B
Fetch
General
Full URL
https://ib.adnxs.com/getuidj
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
3553aadfc34476c6bbcd41387145b17ed6cdc55544e09b664a37a0c9395b1cf7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.0cf.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:31 GMT
an-x-request-uuid
99292d81-fd0a-4324-8bed-b8e6e34a7579
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://s.0cf.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.212; 193.32.248.212; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:31 GMT
an-x-request-uuid
5e5945d8-9e43-414a-9c59-26876d5c9f76
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://s.0cf.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ib.adnxs.com/getuidj
x-proxy-origin
193.32.248.212; 193.32.248.212; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
eb2.3lift.com/ Frame ED97
0
0

getuids
prebid-server.rubiconproject.com/ Frame 130D
43 B
347 B
Fetch
General
Full URL
https://prebid-server.rubiconproject.com/getuids
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
7f119acdb43a02637ad03afd15c4689163f5560418d28283fc1c9f5bd08de347

Request headers

Referer
https://s.0cf.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json;charset=utf-8
access-control-allow-origin
https://s.0cf.io
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
69
Expires
0
rid
match.adsrvr.org/track/ Frame 130D
63 B
416 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
a7c8ca0a331604956c4ae35a7c31a920702d595ca726f3056937aa851f614c3f

Request headers

Referer
https://s.0cf.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://s.0cf.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Mon, 05 Feb 2024 03:57:31 GMT
connectmyusers.php
cdn.connectad.io/ Frame 317D
1 KB
867 B
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
942
alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
84110992d9a93659-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 06 Jan 2024 03:57:31 GMT
last-modified
Sat, 06 Jan 2024 03:41:49 GMT
server
cloudflare
vary
Accept-Encoding
current
prebid-match.dotomi.com/match/bounce/ Frame F384
0
0
Document
General
Full URL
https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D10%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private, max-age=0, no-store
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
0
pragma
no-cache
server
nginx
prbds2s
rtb.gumgum.com/usync/ Frame 4894
3 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.183.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-183-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
46a9a92f2c9cd5e5fd4dc6de3234be3028246f278ed1648370aae94a024b1dba

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 06 Jan 2024 03:57:31 GMT
etag
W/"018fba46861f3ac12ffbd06e3810a4fbd"
server
nginx
timing-allow-origin
*
usermatchredir
ssum.casalemedia.com/ Frame 4DF1
0
0

prebid
rtb.openx.net/sync/ Frame 1365
43 B
58 B
Document
General
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D19%26uid%3D%24%7BUID%7D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 06 Jan 2024 03:57:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
via
1.1 google
pixel
ap.lijit.com/ Frame 2B5F
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D25%26uid%3D%24UID
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.55.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-55-170.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Sat, 06 Jan 2024 03:57:31 GMT
us.gif
sync.go.sonobi.com/ Frame 95D8
49 B
367 B
Document
General
Full URL
https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D26%26uid%3D%5BUID%5D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, private
content-length
49
content-type
image/gif
date
Sat, 06 Jan 2024 03:57:32 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-49
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame 4A8C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D22%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=459972833
70 B
148 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=459972833
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sat, 06 Jan 2024 03:57:32 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sat, 06 Jan 2024 03:57:31 GMT
etag
RX32fa614d2a1d4521b76cb84aa0a674a5003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=459972833
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
occ
ups.analytics.yahoo.com/ups/58448/ Frame 6EFB
0
0
Document
General
Full URL
https://ups.analytics.yahoo.com/ups/58448/occ?uid=2164baaad84325477%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Sat, 06 Jan 2024 03:57:31 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
0
prebid.a-mo.net/cchain/ Frame 11AA
0
0

/
onetag-sys.com/usync/ Frame 6323
0
94 B
Document
General
Full URL
https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
content-length
0
strict-transport-security
max-age=15552000
getsync
ads.servenobid.com/ Frame 130D
9 B
290 B
Fetch
General
Full URL
https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=0&us_privacy=0&format=json
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.111.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-111-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
72d427b7264997760074a94dcc1c9e54ae2c33b05276bfb3cfcd0f5d2d8bba3a

Request headers

Referer
https://s.0cf.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
amp-access-control-allow-source-origin
*
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
https://s.0cf.io
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
9
/
ssc-cms.33across.com/ps/ Frame CE0C
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D1%26uid%3D33XUSERID33X
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP012 /
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
server
33XP012
x-33x-status
2000208
ImgSync
image8.pubmatic.com/AdServer/ Frame 85EF
0
39 B
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sat, 06 Jan 2024 03:57:31 GMT
rtset
bh.contextweb.com/ Frame 4528
0
0

v1
match.sharethrough.com/universal/ Frame 711B
0
0
Document
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=Uj448boa
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.6.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-6-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
sync
ssbsync-global.smartadserver.com/api/ Frame BFF8
0
0

/
s.0cf.io/ps/ Frame 7647
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=datablocks_inc&google_hm=2164baaad843254&dbid=2164baaad843254
  • https://s.0cf.io/ps/?dbid=2164baaad843254
2 B
492 B
Document
General
Full URL
https://s.0cf.io/ps/?dbid=2164baaad843254
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:aa24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d74beec1be996322ad76813bafb92d40839895d6dd7ee808b17ca201eac98be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
841109935eb43620-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:32 GMT
expires
Sat, 06 Jan 2024 04:27:32 GMT
last-modified
Mon, 04 Oct 2021 18:28:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BqpZBrH4rT68AqTLMj1nJJDPgYxr1d1VSe50rG4ue12TJXed%2FU%2BUWNdwqoaE5zRy99cb7TMnRrm6don7LDhzLI9f%2B6NiKMNoD0TWzLVxq%2B3Adihj%2F6z2jFgP8cm6Jc%2BvBTq635fCA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
315
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 03:57:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://s.0cf.io/ps/?dbid=2164baaad843254#ps=true&id=666&uid=CAESELn8HjgsJabW2ZiCxxy34Nk&cver=1&error=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
img
sync.mathtag.com/sync/ Frame 2A9E
0
0

cksync.php
hbx.media.net/ Frame 8E9C
0
0

usersync
usersync.gumgum.com/ Frame 4894
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6241680270365964486
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6241680270365964486
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 03:57:32 GMT
an-x-request-uuid
c6887ef2-8511-431a-ac59-c33a52b388eb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=6241680270365964486
x-proxy-origin
193.32.248.212; 193.32.248.212; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 4894
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_04f80e4a-b938-4b93-9907-9c23869f8b6d&gdpr=0&gdpr_consent=0&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=00b9d0ef-cdf3-4958-b731-562f8da30b68
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=00b9d0ef-cdf3-4958-b731-562f8da30b68
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a5e28a07-3f27-4287-8a1c-805dc1377fc7&user_group=1&ssp=gumgum2&bsw_param=00b9d0ef-cdf3-4958-b731-562f8da30b68
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a5e28a07-3f27-4287-8a1c-805dc1377fc7&user_group=1&ssp=gumgum2&bsw_param=00b9d0ef-cdf3-4958-b731-562f8da30b68
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Server
18.159.7.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-7-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
//x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a5e28a07-3f27-4287-8a1c-805dc1377fc7&user_group=1&ssp=gumgum2&bsw_param=00b9d0ef-cdf3-4958-b731-562f8da30b68
date
Sat, 06 Jan 2024 03:57:32 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 4894
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=ddab835f-76c6-4b07-b58d-5ebbce6fd516&gdpr=0&gdpr_consent=0
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=ddab835f-76c6-4b07-b58d-5ebbce6fd516&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 06 Jan 2024 03:57:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=ddab835f-76c6-4b07-b58d-5ebbce6fd516&gdpr=0&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 4894
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d5c470bd-3156-5bab-7650-933f58eef2af$ip$193.32.248.212
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-d5c470bd-3156-5bab-7650-933f58eef2af$ip$193.32.248.212
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-d5c470bd-3156-5bab-7650-933f58eef2af$ip$193.32.248.212
Date
Sat, 06 Jan 2024 03:57:32 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 4894
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:4a2f:8181:9d4c:7740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame 4894
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...
  • https://usersync.gumgum.com/usersync?b=vnt&i=d193aa07-8faa-4e98-949f-2865561e19a1
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=d193aa07-8faa-4e98-949f-2865561e19a1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=d193aa07-8faa-4e98-949f-2865561e19a1
Date
Sat, 06 Jan 2024 03:57:32 GMT
Connection
keep-alive
X-CI-RTID
d9eb3cc9-4c15-4269-9026-b328324dd40d
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 4894
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:57:31 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 4894
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_04f80e4a-b938-4b93-9907-9c23869f8b6d&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
102
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 4894
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0
  • https://usersync.gumgum.com/usersync?b=sad&i=6502715438851894600
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6502715438851894600
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 03:57:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6502715438851894600
date
Sat, 06 Jan 2024 03:57:31 GMT
content-length
0
usersync
usersync.gumgum.com/ Frame 6AA8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0
  • https://usersync.gumgum.com/usersync?b=adf&i=3600685581935743263&gdpr=0&gdpr_consent=0
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=3600685581935743263&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 06 Jan 2024 03:57:32 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 06 Jan 2024 03:57:32 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=3600685581935743263&gdpr=0&gdpr_consent=0
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 4F5C
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wNGY4MGU0YS1iOTM4LTRiOTMtOTkwNy05YzIzODY5ZjhiNmQ=&gdpr=0&gdpr_consent=0&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 03:57:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D45C
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55737
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 06 Jan 2024 03:57:32 GMT
expires
Sat, 06 Jan 2024 19:26:29 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 67FF
70 B
148 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sat, 06 Jan 2024 03:57:32 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 1BBD
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZjPrMCo5swAAPrP1iIAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZZjPrMCo5swAAPrP1iIAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 06 Jan 2024 03:57:32 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 06 Jan 2024 03:57:32 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZZjPrMCo5swAAPrP1iIAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
144
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40048.dc2p.scaleout.jp
X-SO-IP
193.32.248.212
X-SO-Key
ZZjPrMCo5swAAPrP1iIAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"193.32.248.212","key":"ZZjPrMCo5swAAPrP1iIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40048"}
X-SO-LB-Hostname
a-tgng40008.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40048
usersync
usersync.gumgum.com/ Frame FB76
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=uHaivwvLBJ5YPIj1n0ONwgiu9hEkT8HIrk0y2_36kRA&pi=gumgum
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=uHaivwvLBJ5YPIj1n0ONwgiu9hEkT8HIrk0y2_36kRA&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 06 Jan 2024 03:57:32 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 06 Jan 2024 03:57:32 GMT Sat, 06 Jan 2024 03:57:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=uHaivwvLBJ5YPIj1n0ONwgiu9hEkT8HIrk0y2_36kRA&pi=gumgum
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 65D6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D15%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jan 2024 03:57:32 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 06 Jan 2024 03:57:32 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
1
sync-eu.connectad.io/syncer/ Frame F9C6
0
0
Document
General
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8411099339cc3659-FRA
content-type
text/html; charset=UTF-8
date
Sat, 06 Jan 2024 03:57:32 GMT
server
cloudflare
vary
Accept-Encoding Origin
usync.js
eus.rubiconproject.com/ Frame 65D6
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.109 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-109.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
205fc00c492a5bbdfc7d8fd5c52611a8e2acb2a48f8447433dfa8f6d2b0c65fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:57:32 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 03:37:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85195
Connection
keep-alive
Content-Length
13174
Expires
Sun, 07 Jan 2024 03:37:27 GMT
khaos.json
token.rubiconproject.com/ Frame E735
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
khaos.json
token.rubiconproject.com/ Frame 35F3
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
khaos.json
token.rubiconproject.com/ Frame AD40
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
khaos.json
token.rubiconproject.com/ Frame 65D6
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
/
dblksync.dblks.net/dblksync/ Frame 2717
20 KB
8 KB
Document
General
Full URL
https://dblksync.dblks.net/dblksync/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/?gdpr=0&gdprConsent=&bidid=315692723-8443561-7147-1&id=2164baaad843254&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949a30ed07d2975ead2a00344b822b0c43bab1939fbb37102d3b0811364b2326

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
3751
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8411099d780b1bdb-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:33 GMT
last-modified
Tue, 14 Nov 2023 18:39:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aS0cmPVw2SlpxPFzGyBjpcRoQmmaB%2BgtC%2FlACSSKEVGyVDVTCv85EbphAPm2p0uUYC6OW30iXixJseeS%2FcNfP4GUqLMcJvTVJA1P6TUh9WOr56H9o7j6jjAk05%2BK9P5J4xM%2FUWeH1fDFwpGursaRCKk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
dblksync.dblks.net/dblksync/ Frame DBB5
20 KB
8 KB
Document
General
Full URL
https://dblksync.dblks.net/dblksync/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949a30ed07d2975ead2a00344b822b0c43bab1939fbb37102d3b0811364b2326

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
3751
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8411099e08441bdb-FRA
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:33 GMT
last-modified
Tue, 14 Nov 2023 18:39:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggSAw1wOBhojNQUfW8iXYDmuvilpK%2FZO0cs4HJnsvimxxHJPlUg%2BbUuMW8eCy3vSaWdmV8VhVN4%2FPzGYBEMT3XoyWApukqqvSFlKBjoMGfomBqPvLAZW5oVHUyPdNeddQE4sJuALDl4Cvx%2FY5onKIDs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
dblksync.dblks.net/dblksync/ Frame 35BB
20 KB
8 KB
Document
General
Full URL
https://dblksync.dblks.net/dblksync/
Requested by
Host: s.0cf.io
URL: https://s.0cf.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949a30ed07d2975ead2a00344b822b0c43bab1939fbb37102d3b0811364b2326

Request headers

Referer
https://s.0cf.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
147
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8411099f6aa06fee-CDG
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 03:57:33 GMT
last-modified
Tue, 14 Nov 2023 18:39:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwJEjN7VTnaJieLWbYKwXyKw0%2BQjnZr55gf9LKHLXxEQmIxvydnif9rO%2BOMAzkhMGM6pzONxnuLiZFwC10gGGofVoEtdVzkcaSOaP8ksGLbR%2FqSqPOdvOgehZXfF6TQWjic%2FOS9iGIwWTK6ddwObxJw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Domain
ads.avct.cloud
URL
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D76%26uid%3D%24UID
Domain
ssum.casalemedia.com
URL
https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D74%26uid%3D
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D81%26uid%3D
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D21%26uid%3D%25%25VGUID%25%25
Domain
ssbsync-global.smartadserver.com
URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D82%26uid%3D%5Bssb_sync_pid%5D
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D61%26uid%3D%5BMM_UUID%5D
Domain
hbx.media.net
URL
https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D88%26uid%3D%3Cvsid%3E

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| documentPictureInPicture function| getUrlParameter function| chooseSplitTests object| OneTrustStub function| OptanonWrapper function| loadScript object| properSpecialOps object| __NUXT__ function| tryLoadAssertive function| tryLoadProper object| splitTests object| webpackJsonp object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| dataLayer function| gtag object| assertiveQueue object| $nuxt object| ayManagerEnv object| scr number| now object| node object| AdGarden object| v_0x5e13 function| v_0x3fb3 object| __vdzworkers__ object| _vdzwgt_ string| OnetrustActiveGroups string| OptanonActiveGroups function| __tcfapi object| otStubData function| a0G function| a0F function| a0L object| googletag object| adsbygoogle object| pbjs object| pbjsl string| aYZcOSkshq object| vdzCmp object| vdzTcf object| apstag object| otIabModule object| Optanon object| OneTrust object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| _aps boolean| apstagLOADED object| ggeac object| google_js_reporting_queue object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet function| UAParser object| apscustom object| D9v object| D9r object| _qevents object| assertive boolean| _assertiveInitialized object| ntv object| _taboola object| OBREvents function| _0x4eb683 function| _typeof function| _createForOfIteratorHelper function| _0x2f05 function| _unsupportedIterableToArray function| _arrayLikeToArray function| IntentIqObject function| _0x33cc function| PartnersWinEvent object| iiq_object_array object| intentIq_974061330 function| quantserve function| __qc object| ezt object| _qoptions undefined| google_measure_js_timing string| send object| d9PendingXDR object| sas object| apntag object| _ADAGIO object| nmmRefreshCounts

64 Cookies

Domain/Path Name / Value
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr
Value: 1
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr-exp
Value: "2024-01-07 03:57:29"
go.reference.com/ Name: AWSALB
Value: dE7RsNhnxnXzY9A7dxKp+cYitcT47PsL0HCG87jTr1pAjAe8fY09VLDrKmvSmBhqswTIqFw+y1UMZjY+hSqBZuXxxtQtYU8XTVUZ5cIVb1UDdAq0zoUQWvbfaqzG
.reference.com/ Name: _gcl_au
Value: 1.1.212718818.1704513449
.go.reference.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sat+Jan+06+2024+04%3A57%3A28+GMT%2B0100+(Central+European+Standard+Time)&version=202312.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=7452cb75-ddec-4851-852b-6609772db23f&interactionCount=0&landingPath=https%3A%2F%2Fgo.reference.com%2F&groups=C0004%3A0%2CC0003%3A0%2CC0002%3A0%2CC0001%3A1%2CV2STACK42%3A0
.kueezrtb.com/ Name: kuid
Value: 8242bf2b019c5181
.flashtalking.com/ Name: _D9J
Value: c517b04dbaf24564bf74572d5de42397
.gumgum.com/ Name: cs
Value: true
.rubiconproject.com/ Name: khaos
Value: LR1JAQZU-O-JKEO
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qo2K0QbhgeVhwmOsfVVM1TCDevM3UyPj6gPfhGkazVnD+L1vScBCLrIVBSF1hsEw+sUR76gSZ/FxiYbB5SW5XQ3Y+8Z025EE5y+xUA9sgf/4eNEKcfJxgEB
.go.sonobi.com/ Name: __uis
Value: fb2d1f27-d30e-4875-bd33-cbe720e6a157
.go.sonobi.com/ Name: _usd_go.reference.com
Value: 094b53a2-0d98-4b96-bcf7-86eaf366f49d
.go.sonobi.com/ Name: __uin_st
Value: 0hP5vz5IUZ1aUVlE6dRTUknC4hk
.go.sonobi.com/ Name: __uin_td
Value: 92667079-0966-4f76-9168-6029cdc1551d
.go.sonobi.com/ Name: __uin_an
Value: 7016353306096074510
.go.sonobi.com/ Name: __uin_rh
Value: UJGFH-WVlkYA4irOlYMVqE0ftqavY8l0tKDv9BlXq_4
.go.sonobi.com/ Name: __uin_bw
Value: 1c8395e0-c5b4-43c3-88b0-bdbb7e96e435
.go.sonobi.com/ Name: __uin_zt
Value: 1478779934491587698
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB8G
Value: s8649|ZZjPr
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: e733b651caccbc7d
.ads.pubmatic.com/ Name: KCCH
Value: YES
.doubleclick.net/ Name: IDE
Value: AHWqTUmFREYlCmOpioK2wxmSPbicO9Ha2x4cdTFcZysrFjUHH5GCRzUqaxAgN5nvL1g
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_693c0a39-bc4c-4156-96a9-731610ca8004
.adnxs.com/ Name: uuid2
Value: 6241680270365964486
.bidswitch.net/ Name: tuuid
Value: 00b9d0ef-cdf3-4958-b731-562f8da30b68
.bidswitch.net/ Name: c
Value: 1704513451
.bidswitch.net/ Name: tuuid_lu
Value: 1704513451
.casalemedia.com/ Name: CMID
Value: ZZjPq0UqzPfZbB8OJFI9vgAA
.casalemedia.com/ Name: CMPS
Value: 5199
.casalemedia.com/ Name: CMPRO
Value: 5199
.0cf.io/ Name: _dbid
Value: 2164baaad843254
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.csync.loopme.me/ Name: viewer_token
Value: e09056bf-75fa-4fad-b8b8-f9ecd331dd94
.3lift.com/ Name: tluid
Value: 2464080405936714194217
.gumgum.com/ Name: vst
Value: e_04f80e4a-b938-4b93-9907-9c23869f8b6d
.openx.net/ Name: i
Value: f93a1876-f754-4ca6-8820-86be6218e7ad|1704513451
cookies.nextmillmedia.com/ Name: syncedBidders
Value: {"ix":1}
.adform.net/ Name: C
Value: 1
pbs.nextmillmedia.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJpeCI6eyJ1aWQiOiJaWmpQcTBVcXpQZlpiQjhPSkZJOXZnQUEiLCJleHBpcmVzIjoiMjAyNC0wMS0yMFQwMzo1NzozMS43Nzc0OTEwMzZaIn19fQ==
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.smartadserver.com/ Name: pid
Value: 6502715438851894600
.creativecdn.com/ Name: u
Value: OLVtaBW8z9QiLgxECfOm
.creativecdn.com/ Name: g
Value: OLVtaBW8z9QiLgxECfOm_1704513451891
.turn.com/ Name: uid
Value: 3976517350546390539
.adform.net/ Name: uid
Value: 3600685581935743263
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-32fa614d-2a1d-4521-b76c-b84aa0a674a5-003%22%2C%22zdxidn%22%3A%222064%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D2164baaad843254%26id%3D22%26uid%3D%5BRX_UUID%5D%22%7D
.adnxs.com/ Name: XANDR_PANID
Value: b6nNZ0-TT57QM_Mb23z4PH7sok3NkErUoLXQJR66Kzhu1CoojX3vyOmmD9GJymtaTS9CaXZXs67AjFlXv2UgdOnfsmrFEa5wa349EB9AfRw.
.creativecdn.com/ Name: ts
Value: 1704513452
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-32fa614d-2a1d-4521-b76c-b84aa0a674a5-003%22%7D
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d5c470bd-3156-5bab-7650-933f58eef2af.N32gS7YtS6D1A3ybzziOaLFaVqJk2HMtHGqbdqXINlo
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d5c470bd-3156-5bab-7650-933f58eef2af.N32gS7YtS6D1A3ybzziOaLFaVqJk2HMtHGqbdqXINlo
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A1cRwvTFWW6t2UJM_WO7yr8Eg-NQ.SwlRidI1agltEPQP8iTAjPnnBxBoiNcV6KNotAFgu78
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A1cRwvTFWW6t2UJM_WO7yr8Eg-NQ.SwlRidI1agltEPQP8iTAjPnnBxBoiNcV6KNotAFgu78
.mathtag.com/ Name: uuid
Value: 40866598-cfac-4600-bdac-4cd9b8b676ab
.ipredictive.com/ Name: cu
Value: d193aa07-8faa-4e98-949f-2865561e19a1|1704513452293
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJuktbBScEzJ8fxrKuavfiRvsVYsC5kVCeRoQ3s_yM6kEHwYBCCsn-OsBjABOgT90vuTQgQR75fm.YVDefOFVy8FKQoJFfaQNoIqTetHYQmG4DtWhEoo%2Bz0I
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJuktbBScEzJ8fxrKuavfiRvsVYsC5kVCeRoQ3s_yM6kEHwYBCCsn-OsBjABOgT90vuTQgQR75fm.YVDefOFVy8FKQoJFfaQNoIqTetHYQmG4DtWhEoo%2Bz0I
pool.admedo.com/ Name: tuuid
Value: a5e28a07-3f27-4287-8a1c-805dc1377fc7
pool.admedo.com/ Name: c
Value: 1704513452
pool.admedo.com/ Name: tuuid_lu
Value: 1704513452
.socdm.com/ Name: SOC
Value: ZZjPrMCo5swAAPrP1iIAAAAA
.dblks.net/ Name: dblksync
Value: {%220%22:%226241680270365964486%22%2C%2270%22:%22LR1JAQZU-O-JKEO%22%2C%221000%22:%222164baaad843254%22}
.dblks.net/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI2MjQxNjgwMjcwMzY1OTY0NDg2IiwiZXhwaXJlcyI6IjIwMzAtMDktMTlUMTU6MTc6MzQuMjI5OTE4MDgtMDQ6MDAifX19

37 Console Messages

Source Level URL
Text
javascript warning URL: https://cadmus.script.ac/d34r0d5k7jlda2/script.js
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
network error URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
network error URL: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
network error URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
security error URL: https://s.0cf.io/(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://s.0cf.io') does not match the recipient window's origin ('https://go.reference.com').
javascript warning URL: https://go.reference.com/
Message:
The resource https://cdn.posts.market/content/images/2023/08/Shimla-India-1.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://go.reference.com/
Message:
The resource https://cdn.posts.market/content/images/2023/08/Queenstown--New-Zealand-1.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://go.reference.com/
Message:
The resource https://cdn.posts.market/content/images/2023/08/Norwegian-Fjords--Norway-1.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://go.reference.com/
Message:
The resource https://cdn.posts.market/content/images/2023/08/Provence-France-1.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://go.reference.com/
Message:
The resource https://cdn.posts.market/content/images/2023/08/New-York-City-USA-4.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://go.reference.com/
Message:
The resource https://cdn.posts.market/content/images/2023/08/Bali-Indonesia-1.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://go.reference.com/
Message:
The resource https://cdn.posts.market/content/images/2023/08/Aspen-Colorado-1.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://go.reference.com/
Message:
The resource https://cdn.posts.market/content/images/2023/08/Kyoto-Japan-1.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://go.reference.com/
Message:
The resource https://cdn.posts.market/content/images/2023/08/Seychelles-1.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://go.reference.com/
Message:
The resource https://cdn.posts.market/content/images/2023/08/bora-bora-1.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://go.reference.com/
Message:
The resource https://cdn.posts.market/content/images/2023/08/Tokyo-Japan-1.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://go.reference.com/
Message:
The resource https://cdn.posts.market/content/images/2023/08/Rome-Italy-1.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://go.reference.com/
Message:
The resource https://cdn.posts.market/content/images/2023/08/Caribbean-Islands-1.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://go.reference.com/
Message:
The resource https://cdn.posts.market/content/images/2023/08/Santorini--Greece-1.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://go.reference.com/
Message:
The resource https://cdn.posts.market/content/images/2023/08/Gala-pagos-Islands--Ecuador-1.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
adgarden.market
ads.avct.cloud
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
ap.lijit.com
apex.go.sonobi.com
api.assertcom.de
ask-media-group-d.openx.net
b1sync.zemanta.com
bh.contextweb.com
bid.contextweb.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cadmus.script.ac
cdn.connectad.io
cdn.cookielaw.org
cdn.posts.market
cm.g.doubleclick.net
colossusssp.com
config.aps.amazon-adsystem.com
contextual.media.net
cookies.nextmillmedia.com
cpm.qortex.ai
creativecdn.com
csync.loopme.me
d9.flashtalking.com
dblksync.dblks.net
eb2.3lift.com
eus.rubiconproject.com
exchange.kueezrtb.com
fastlane.rubiconproject.com
g2.gumgum.com
geolocation.onetrust.com
go.reference.com
google.com
googleads.g.doubleclick.net
grid.bidswitch.net
gtrack.kueezrtb.com
gum.criteo.com
hb.minutemedia-prebid.com
hb.yellowblue.io
hbopenbid.pubmatic.com
hbx.media.net
i.clean.gg
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
image8.pubmatic.com
k8svkbknrqzgecxff.ay.delivery
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mp.4dex.io
onetag-sys.com
pbs.nextmillmedia.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.cootlogix.com
prebid.dblks.net
prebid.media.net
report2.hb.brainlyads.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.0cf.io
s.seedtag.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum.casalemedia.com
static.kueezrtb.com
static.vidazoo.com
sync-eu.connectad.io
sync.1rx.io
sync.colossusssp.com
sync.cootlogix.com
sync.go.sonobi.com
sync.ipredictive.com
sync.kueezrtb.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
track.kueezrtb.com
u.ipw.metadsp.co.uk
u.kueezrtb.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
ads.avct.cloud
bh.contextweb.com
eb2.3lift.com
hbx.media.net
prebid.a-mo.net
ssbsync-global.smartadserver.com
ssum.casalemedia.com
sync.colossusssp.com
sync.mathtag.com
104.18.36.155
108.138.37.209
108.138.9.235
13.248.245.213
137.184.28.190
141.95.98.65
142.250.185.102
142.250.186.66
147.182.176.100
147.75.84.158
151.101.193.108
159.203.185.21
162.19.138.118
169.197.150.7
173.237.69.4
18.159.7.44
18.200.183.234
18.245.86.113
185.184.8.90
185.64.189.112
198.47.127.18
198.47.127.19
199.212.255.178
2001:678:cb4:bbbb::11
208.93.169.131
211.120.53.203
216.200.232.249
23.211.9.109
23.211.9.91
23.212.211.47
23.212.88.20
23.52.120.27
23.52.123.144
2600:9000:20c3:200:6:44e3:f8c0:93a1
2600:9000:214f:3800:11:62b2:fb00:93a1
2600:9000:214f:d200:11:62b2:fb00:93a1
2600:9000:223f:3600:3:6d3c:dac0:93a1
2602:803:c003:200::41
2606:4700:10::6816:237b
2606:4700:10::6816:37ce
2606:4700:20::681a:8a9
2606:4700:3030::ac43:89a8
2606:4700:4400::ac40:994e
2606:4700:4400::ac40:9b77
2606:4700::6812:1791
2606:4700::6812:751
2606:4700::6812:83ec
2606:4700:e4::ac40:aa24
2606:4700:e6::ac40:cc02
2607:f350:3:2569:0:10:0:a
2607:f350:3:2569:0:10:0:c
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:811::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a02:2638:3::c
2a02:fa8:8806:20::2040
2a05:d018:d29:3601:4a2f:8181:9d4c:7740
2a06:98c1:3121::3
3.121.101.248
3.160.196.11
3.65.6.17
3.65.92.53
3.71.149.231
34.120.63.153
34.149.20.76
34.149.50.64
34.252.55.170
34.95.69.49
34.98.64.218
35.186.253.211
35.210.239.72
35.210.53.219
35.214.190.18
35.244.193.51
35.71.131.137
37.157.6.233
37.252.171.21
45.76.4.232
46.228.174.117
5.196.111.68
50.16.49.158
50.31.142.255
51.89.9.253
52.17.111.107
52.19.77.216
52.210.15.1
52.211.129.108
52.213.175.104
52.72.177.11
54.146.35.99
54.158.172.237
54.171.10.251
54.84.92.154
54.93.147.185
67.202.105.24
69.173.144.137
69.173.144.165
77.245.57.72
81.17.55.171
94.130.203.123
01cd6a401a5578d08267072b206145078cfdaef7cedb4f688c2ad94d42dcdcd6
03ef31ff26a973db8d113e2874fa7c93f8f327813c15cd25af3807c4d2fd8058
04799964068159c51a303b8039a7d16535d1d932d2aa248e43ecf64e478e3b75
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
068e563a3e23f7e5d68ea38d212bafbba0ffa23c616f3c8e9d4e3057b7bdebb2
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c945aa0bb5ba5a939754f316628f652efd88279fdba1fda70102f12984e7c9f
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fa4e913edbaf5211addeaf9c4041a46d19e55fd82c5645fdefcca9d435bb165
0fbee40d848d6df79b375ca87bdb53f4e97bfb3c6dc2a1d03cb8fd74a395eca4
14e417ff1eae7ddb33c0a2b75c5d0fa5f1b1d1b7e4d22009b75370178860c83a
18d46aa15525e75f9d27d0b3d4efcc8ef99e530984651d8766249682c18d30bc
1ebbfbc542fa2ebfd7e9ea646dde4e52fbc9f373be977e847e57ce67d24df2f8
1f2de3317f7ffbfa96e0e04d6b862d3fab8f6cdd3dfcb29f65567ec131d21d13
205fc00c492a5bbdfc7d8fd5c52611a8e2acb2a48f8447433dfa8f6d2b0c65fb
207bcd5e7d01496b206e531c78556a6a01467f5731dfa74b96f16ceff0ab1e3d
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
279540792670cb145b13fe4de17eb117a35aa237e5af9833e83504350ed72341
2b304eb26c9478210a6d3f33319ff9eae2fb08c26cd663645cdb5bd074c9ad0a
2bc6a125d698416498cdf5ef60cd959aef01db95a6e3e0d74a95f9b6d3d78feb
30ca1f74cab47ad6f3e300f77e172db4ca67d6bfc13ba5574965a3b98657be9a
316c28acd7a183bd98a850091c18885b64638c38a53a5d83355b9bf491892ac1
33af08ee9716256001c6ba87010471db9636e7b9b59918976fb4d645f3316b72
34246fca390db5a6e53a827dd31c29963a0e96b1a13aef99fb58f5ad30c5c261
3553aadfc34476c6bbcd41387145b17ed6cdc55544e09b664a37a0c9395b1cf7
3887ae45adc08c4d7759f1d4987863aa5d130211e41cefd9867daaf700d7779c
39ce18073f1c47b27adc3c51366df4630b593520dbc8571838b800dac99e5513
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f64810042b6c86a795eea830d9078bb792e171408bec6f1b5874b3ede687c30
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42bf6e31193cd649102b8659c55eec10c7e6a89082e6be1dbd8f9903613e5646
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
46a9a92f2c9cd5e5fd4dc6de3234be3028246f278ed1648370aae94a024b1dba
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4976b54e7ea72aa3991edcff214781c018be382b1e94cdfdcaa3e29c7d287975
498e37b1ccd45b158e7bd11277497e6575a1763c025a8cc98ace473a558d3fe6
4b70b5ab26a51f7829a43fa74bbb2abc2fab541d5842d7c481274f9aaa239a53
4c15944bd425b00e22d1ed12a9d95fc45985ebcdaaeb3568246d5e94a1346129
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51c349494e8d137a4d9dc882ae293647d5f8bf60b11e5b3014d116a95405399a
53624e034782b3925dddb799566379791a82563b9ac24fb45e3cea7d5f80946b
54579700dc29a4e3c35e620a28f6a5c3f20d6c98c58639d37be24d4b202b815e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
563439a9e9bb0dad3b4d41eda3098615b021371f3551ff6255a20e355503e812
56939e06ab2cb38895d26a98e53f13e4fa8507be612ac0d2537b7f1c68988087
57ad84e54bfb9323e46905c2cfcc0fbed505e3139080160c3e2fc019e1091c94
5850647bd1bce91c55b146a43f330dd3c177828b73dcf0cdb2d4f18c99f44441
5f1b3971c31ad70362fc258c3c7a193ada0e10f4d6f6905812eeb5deb0e5a16c
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6078f478b76efc2515f201fcae446ab53c55a6e0ea438824f82b4d22c1ae5f0e
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
699790c0a5b5bc41d17087346bf2abf8f8e6ca31bad50157f20177ef2349ea50
69cb3696a22a15bd0bd4fc79450156d6ad02d1a95ed01308fc832a27359da3e5
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bd5068ee3f41ad2ed4f003c13c4e939021c77f7a69ac82d25211c72868b520e
6f59dbed256a49b03bcc01c5f11c989bb62af94e19c52c42986fd957e77a19b5
71b95f59f4816029797d4eb3f751edc41cdfb4e1ea266bbb07e80abfbdbe7c8e
71f7a5b6446504c72e00f71977d8480fdae99b6f0e96cd25c90ea6c33c55dde8
72d427b7264997760074a94dcc1c9e54ae2c33b05276bfb3cfcd0f5d2d8bba3a
7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74670299daa23699978132210d004c876acd892133e60aa9221599cb578af069
75e4299df364d12098a40fe5ec56e6d1fc67a2f896f8e27a5d1240762e74f4c3
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7c0c7d68a9f51e7fefe28c0a5adb80bb410f010a8814e5c3f9090de67b79dd8f
7c7605424b0c46f1e644cc0b794ddf92a7275f67d1d59a7480c7f318fc26c970
7f119acdb43a02637ad03afd15c4689163f5560418d28283fc1c9f5bd08de347
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
89c9536b57c05759c2793f73085a0db086e2f6d7f14c59421a6129ede9928f67
8c0d3228be4abb1a4da59f6043369b9ab3689bd7c5ef180743fe2b31be76fc63
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d74beec1be996322ad76813bafb92d40839895d6dd7ee808b17ca201eac98be
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f6ab9c093ecaf741874aed939025a9c71ad0f10acd4d8e060232d8fb0e20ae9
9272eb3ebe47f72d91fb37c0c2cf0d578568db279178120c9af87e0afd469205
949a30ed07d2975ead2a00344b822b0c43bab1939fbb37102d3b0811364b2326
983d18c738df1abf4e8624c1357d0b25d95e6b855299aa05335ae36a03099cbf
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
9939ad43158d512c15a08b09dfd32b195ac085a276678d5996c4d2f7264ffd78
993bf39011b47345e1e1b90fd685bd96df24e524664aabe941a6b257355dc346
99572dae382fe1b83318a0afe606155bb02e6c860403ad2ba16374e9b2fa1a28
9a32ba4aeee3a0a938b96770c6eeb2c47fb91f779a9b45b127adaab290ec3f1e
9e91e78cabfb35eb5885e025b7a6aacd8645c00f56b0d5130f47285f6657d956
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a5df5022dc9c2fc77a391c090e6025de8801366bc5d4c0a9a39df44fe0c7c5
a146d5aa256e147ca24a08768d0fa4b55dcd6d88b9b64cb9e331c1977ad985e0
a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a37f0e5b8d70415f6d7a8e29b64f70c2c528b3c61b6b53395da257b834c61d8c
a59e1675324187a3eb73f6d516691edfb6ce1376b16874f503ae7bd2e3c987bb
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a76a44122979efa2aaca191cd8e399ea1e4fb075279df14a0cce85438ac20bae
a7c8ca0a331604956c4ae35a7c31a920702d595ca726f3056937aa851f614c3f
a91532e0dc6d9d732e35d521294df677ed37586afb1d6b986c698957c228e0da
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ad5865729750c521eca63fffbeb4688502584e27301bd380a4465e352d41531f
af79ac2b5e926d361973f4c7d4d271ddc3d37d72ef69e6ddbb8b8444cc7ae039
afa02ef08663ef376aa8e2cb4035cfc818d601d0daef6f58d66f532f5ea4c8e4
b225b553da329022367ef9806c9820cbb60051aede8489749a879cfc3bed0677
b3f3e1b209eebcd0ae7a1d19aa7d7bc6a7753995a2e412a5933c97dbe040112f
b6036c20cac3a3fa83d32247581f9c02b52bad39ce02a673761c46777f3d9554
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc0bcf756a0d7da15caba887bd623147aee48046f9b6eb1ea8ad91db219111f8
bc1d292cf7cd44b97a504cd2efbb51fbb370eb8614487b90b1aaf1e4437d4e02
c11923264c67285a1ac5c4cfa39c98163a67912fd522f1e10e3cae605cdfb79f
c1543b005cd7b58eb5854e15ceb7a9a206982211d373d89710ef2361090d69c1
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c8f50f724ad30e191903ad83c190b2c20d44fbc0668eb5708ad7630ef91e5ae7
ca38ec443ae3c304531de562c46634ba2dc46d7d8ea510cc5e9462d48e6c5ade
cbb470390431a28455afefcded54718a12e0c0acfe31b79e1562f31d94d3cf1f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d01ce99874720d69770b536b48a19df5666b5c72df23eeb804ec4b4ff9e65999
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d943e1f814571171633d63d210d7e87074ee0d6f94a146a528eb43df38bcce10
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
deff08124b439bd4b16ee4437210ffe66621ec6a8cad0a49fb9eab779cbac99f
df05a2636a9922f5575c2ef8712daa7e6fcae15d9bb74828298903697b08f9f8
dfbd71a5a027bc33e862e8a0bbfacf51cf3eac7dcd0baebfe82c584d3e3da281
e0582c2338b50140020b60419d1f7fa86752c3f350e64f3fb2b4c16455e79193
e31abdfddbd63cee8322c1084bff3fcdfcce73b9a94f9b84390583aebd48ec79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e76b9d614485a093f0a1104e76f5b9a2b14e01e0aaf7dff1e9cb6f7cd8b9f4
e602d10aeab60c205781599d1dd4e46d615c1938e62f66d5752fb08ad800fa2d
e605414c5d690913c053ec344fd3fd58b19ecd5f111fb05e4e912bc52a77fa66
e61e11651e11b4cbdb352652fa721b8c391a67e2b749cea43e5b2deb6390e004
e6e04673ba160219b2fc438b598aa22b2c26a6927c050f2c10607117eb48c75e
e71c3f082f3def747def0df816b07b0406c8621637cedff4d36b824d09f29616
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e920ff79831bdf413b9eab21667e91138b76b94abee40c5f7b727db1039c35d4
e9e51f61bafe255a4ef3d409d9aeb0631b4602d9cc5ab0e0e78eadf80cf60286
ea0cfc8084d02fcd41f145acc1545f360abfdf63d4526621bf1fe3f326e8b7b5
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
eef530200aac4c70cfc31d3b960fc588fd3121ca9a2caa4a3a9d70007dc913ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5a25e81dbc31c9893bf6c04b10dd399f2a482d44cf19820f27f742cc07b634
f4061eb7e79447275c97c3d3d6e62b96390402127dfc44fbbf47993e8c1048c9
f6f58e87644de346814d774672a874319a01273b89221b1e7e5ec124bebbbaf8
f735a4e08f24b55b51213d7a42591be83a73f6d891b0ee1ced0082d6c8e43335
fa78aff1e5c7b84208f4b879f5cbc42427677fc6272287648162029640beda40
fb95f7376315870449b9e503eb843a7195852427ee0886c790e7223a709b07dc