hxxps://www[.]unknowncheats[.]me/forum/downloads[.]php?do=file&id=43877

Analysis

max time kernel
151s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
14/03/2024, 21:01 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877

Score

8^/10

persistence

Malware Config

Signatures

Sets service image path in registry 2 TTPs 3 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\AZOQZxNncJMAvSThGbmQE\ImagePath = "\\??\\C:\\Users\\Admin\\AppData\\Local\\Temp\\AZOQZxNncJMAvSThGbmQE"	5431d988.exe
Set value (str)	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\cTFBxtQUqHqWNnasjVkotiVFyAImZ\ImagePath = "\\??\\C:\\Users\\Admin\\AppData\\Local\\Temp\\cTFBxtQUqHqWNnasjVkotiVFyAImZ"	9f49eb70.exe
Set value (str)	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\LvbNnEBsuwGPuLmBLJmDMorMCiACR\ImagePath = "\\??\\C:\\Users\\Admin\\AppData\\Local\\Temp\\LvbNnEBsuwGPuLmBLJmDMorMCiACR"	6f808930.exe

Executes dropped EXE 3 IoCs

pid	Process
3192	5431d988.exe
8264	9f49eb70.exe
7344	6f808930.exe

Looks up external IP address via web service 1 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
507	api.ipify.org

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000_Classes\Local Settings	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000_Classes\Local Settings	OpenWith.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
1108	msedge.exe
1108	msedge.exe
2860	msedge.exe
2860	msedge.exe
3456	identity_helper.exe
3456	identity_helper.exe
7028	msedge.exe
7028	msedge.exe
6948	msedge.exe
6948	msedge.exe
6948	msedge.exe
6948	msedge.exe

Suspicious behavior: LoadsDriver 3 IoCs

pid	Process
3192	5431d988.exe
8264	9f49eb70.exe
7344	6f808930.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeLoadDriverPrivilege	3192	5431d988.exe
Token: SeIncreaseQuotaPrivilege	6912	wmic.exe
Token: SeSecurityPrivilege	6912	wmic.exe
Token: SeTakeOwnershipPrivilege	6912	wmic.exe
Token: SeLoadDriverPrivilege	6912	wmic.exe
Token: SeSystemProfilePrivilege	6912	wmic.exe
Token: SeSystemtimePrivilege	6912	wmic.exe
Token: SeProfSingleProcessPrivilege	6912	wmic.exe
Token: SeIncBasePriorityPrivilege	6912	wmic.exe
Token: SeCreatePagefilePrivilege	6912	wmic.exe
Token: SeBackupPrivilege	6912	wmic.exe
Token: SeRestorePrivilege	6912	wmic.exe
Token: SeShutdownPrivilege	6912	wmic.exe
Token: SeDebugPrivilege	6912	wmic.exe
Token: SeSystemEnvironmentPrivilege	6912	wmic.exe
Token: SeRemoteShutdownPrivilege	6912	wmic.exe
Token: SeUndockPrivilege	6912	wmic.exe
Token: SeManageVolumePrivilege	6912	wmic.exe
Token: 33	6912	wmic.exe
Token: 34	6912	wmic.exe
Token: 35	6912	wmic.exe
Token: 36	6912	wmic.exe
Token: SeIncreaseQuotaPrivilege	6912	wmic.exe
Token: SeSecurityPrivilege	6912	wmic.exe
Token: SeTakeOwnershipPrivilege	6912	wmic.exe
Token: SeLoadDriverPrivilege	6912	wmic.exe
Token: SeSystemProfilePrivilege	6912	wmic.exe
Token: SeSystemtimePrivilege	6912	wmic.exe
Token: SeProfSingleProcessPrivilege	6912	wmic.exe
Token: SeIncBasePriorityPrivilege	6912	wmic.exe
Token: SeCreatePagefilePrivilege	6912	wmic.exe
Token: SeBackupPrivilege	6912	wmic.exe
Token: SeRestorePrivilege	6912	wmic.exe
Token: SeShutdownPrivilege	6912	wmic.exe
Token: SeDebugPrivilege	6912	wmic.exe
Token: SeSystemEnvironmentPrivilege	6912	wmic.exe
Token: SeRemoteShutdownPrivilege	6912	wmic.exe
Token: SeUndockPrivilege	6912	wmic.exe
Token: SeManageVolumePrivilege	6912	wmic.exe
Token: 33	6912	wmic.exe
Token: 34	6912	wmic.exe
Token: 35	6912	wmic.exe
Token: 36	6912	wmic.exe
Token: SeIncreaseQuotaPrivilege	2304	wmic.exe
Token: SeSecurityPrivilege	2304	wmic.exe
Token: SeTakeOwnershipPrivilege	2304	wmic.exe
Token: SeLoadDriverPrivilege	2304	wmic.exe
Token: SeSystemProfilePrivilege	2304	wmic.exe
Token: SeSystemtimePrivilege	2304	wmic.exe
Token: SeProfSingleProcessPrivilege	2304	wmic.exe
Token: SeIncBasePriorityPrivilege	2304	wmic.exe
Token: SeCreatePagefilePrivilege	2304	wmic.exe
Token: SeBackupPrivilege	2304	wmic.exe
Token: SeRestorePrivilege	2304	wmic.exe
Token: SeShutdownPrivilege	2304	wmic.exe
Token: SeDebugPrivilege	2304	wmic.exe
Token: SeSystemEnvironmentPrivilege	2304	wmic.exe
Token: SeRemoteShutdownPrivilege	2304	wmic.exe
Token: SeUndockPrivilege	2304	wmic.exe
Token: SeManageVolumePrivilege	2304	wmic.exe
Token: 33	2304	wmic.exe
Token: 34	2304	wmic.exe
Token: 35	2304	wmic.exe
Token: 36	2304	wmic.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe
2860	msedge.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
7912	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2860 wrote to memory of 2204	2860	msedge.exe	83
PID 2860 wrote to memory of 2204	2860	msedge.exe	83
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 2808	2860	msedge.exe	84
PID 2860 wrote to memory of 1108	2860	msedge.exe	85
PID 2860 wrote to memory of 1108	2860	msedge.exe	85
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86
PID 2860 wrote to memory of 2032	2860	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffd7cc46f8,0x7fffd7cc4708,0x7fffd7cc4718
  2⤵
  PID:2204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
  2⤵
  PID:2808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8
  2⤵
  PID:2032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:3336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:4888
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5264 /prefetch:8
  2⤵
  PID:3144
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5264 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
  2⤵
  PID:944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1
  2⤵
  PID:4248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
  2⤵
  PID:2724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:2648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5940 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6032 /prefetch:1
  2⤵
  PID:3140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3524 /prefetch:1
  2⤵
  PID:4240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:3776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
  2⤵
  PID:4400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:1
  2⤵
  PID:2912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3312 /prefetch:8
  2⤵
  PID:744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
  2⤵
  PID:1064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6288 /prefetch:1
  2⤵
  PID:232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6412 /prefetch:1
  2⤵
  PID:4472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6540 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6668 /prefetch:1
  2⤵
  PID:2812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6676 /prefetch:1
  2⤵
  PID:2592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6808 /prefetch:1
  2⤵
  PID:1828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7420 /prefetch:1
  2⤵
  PID:3208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7560 /prefetch:1
  2⤵
  PID:4036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7456 /prefetch:1
  2⤵
  PID:3100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6564 /prefetch:1
  2⤵
  PID:3344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7824 /prefetch:1
  2⤵
  PID:4416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7960 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7688 /prefetch:1
  2⤵
  PID:5364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8676 /prefetch:1
  2⤵
  PID:5436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8716 /prefetch:1
  2⤵
  PID:5516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8912 /prefetch:1
  2⤵
  PID:5660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9296 /prefetch:1
  2⤵
  PID:5732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8648 /prefetch:1
  2⤵
  PID:5740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8660 /prefetch:1
  2⤵
  PID:5748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9536 /prefetch:1
  2⤵
  PID:5756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9660 /prefetch:1
  2⤵
  PID:5764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9820 /prefetch:1
  2⤵
  PID:5776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10424 /prefetch:1
  2⤵
  PID:5632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10444 /prefetch:1
  2⤵
  PID:5640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10828 /prefetch:1
  2⤵
  PID:6228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10876 /prefetch:1
  2⤵
  PID:6236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11092 /prefetch:1
  2⤵
  PID:6372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11112 /prefetch:1
  2⤵
  PID:6380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11496 /prefetch:1
  2⤵
  PID:6592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8684 /prefetch:1
  2⤵
  PID:6676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11764 /prefetch:1
  2⤵
  PID:6716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11904 /prefetch:1
  2⤵
  PID:6724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8856 /prefetch:1
  2⤵
  PID:6732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11080 /prefetch:1
  2⤵
  PID:7032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12484 /prefetch:1
  2⤵
  PID:7112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12844 /prefetch:1
  2⤵
  PID:7120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11508 /prefetch:1
  2⤵
  PID:7236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11696 /prefetch:1
  2⤵
  PID:7244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13736 /prefetch:1
  2⤵
  PID:7288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13748 /prefetch:1
  2⤵
  PID:7296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14008 /prefetch:1
  2⤵
  PID:7332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13856 /prefetch:1
  2⤵
  PID:7344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14252 /prefetch:1
  2⤵
  PID:7352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13644 /prefetch:1
  2⤵
  PID:7672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10844 /prefetch:1
  2⤵
  PID:6984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6096 /prefetch:1
  2⤵
  PID:8036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8396 /prefetch:1
  2⤵
  PID:6504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12872 /prefetch:1
  2⤵
  PID:8040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12040 /prefetch:1
  2⤵
  PID:6896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10500 /prefetch:1
  2⤵
  PID:6864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14180 /prefetch:1
  2⤵
  PID:6100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12544 /prefetch:1
  2⤵
  PID:6532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11876 /prefetch:1
  2⤵
  PID:8088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13400 /prefetch:1
  2⤵
  PID:6932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13128 /prefetch:1
  2⤵
  PID:7120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10168 /prefetch:1
  2⤵
  PID:7404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13800 /prefetch:1
  2⤵
  PID:6248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14180 /prefetch:1
  2⤵
  PID:6316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11652 /prefetch:1
  2⤵
  PID:6300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10228 /prefetch:1
  2⤵
  PID:7508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7920 /prefetch:1
  2⤵
  PID:7704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11508 /prefetch:1
  2⤵
  PID:6736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8220 /prefetch:1
  2⤵
  PID:6732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14444 /prefetch:1
  2⤵
  PID:6012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12508 /prefetch:1
  2⤵
  PID:7864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14784 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11888 /prefetch:1
  2⤵
  PID:5412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14060 /prefetch:1
  2⤵
  PID:1428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8728 /prefetch:1
  2⤵
  PID:920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14116 /prefetch:1
  2⤵
  PID:3188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13992 /prefetch:1
  2⤵
  PID:7988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8204 /prefetch:1
  2⤵
  PID:5384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11092 /prefetch:1
  2⤵
  PID:1280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10724 /prefetch:1
  2⤵
  PID:6728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10720 /prefetch:1
  2⤵
  PID:7116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8232 /prefetch:1
  2⤵
  PID:6828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12324 /prefetch:1
  2⤵
  PID:3132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13604 /prefetch:1
  2⤵
  PID:4104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15148 /prefetch:1
  2⤵
  PID:2368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15268 /prefetch:1
  2⤵
  PID:3532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15352 /prefetch:1
  2⤵
  PID:4732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15380 /prefetch:1
  2⤵
  PID:4480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15700 /prefetch:1
  2⤵
  PID:8224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10872 /prefetch:1
  2⤵
  PID:8296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8616 /prefetch:1
  2⤵
  PID:8304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15892 /prefetch:1
  2⤵
  PID:8376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15044 /prefetch:1
  2⤵
  PID:8464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10772 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:7028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8424 /prefetch:1
  2⤵
  PID:6444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14724 /prefetch:1
  2⤵
  PID:7836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15632 /prefetch:1
  2⤵
  PID:7144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15120 /prefetch:1
  2⤵
  PID:6684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15824 /prefetch:1
  2⤵
  PID:7272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15976 /prefetch:1
  2⤵
  PID:7732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15968 /prefetch:1
  2⤵
  PID:7500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13096 /prefetch:1
  2⤵
  PID:7296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9100 /prefetch:1
  2⤵
  PID:7648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12040 /prefetch:1
  2⤵
  PID:5984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9752 /prefetch:1
  2⤵
  PID:4380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12460 /prefetch:1
  2⤵
  PID:8752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10136 /prefetch:1
  2⤵
  PID:7064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9712 /prefetch:1
  2⤵
  PID:7076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15884 /prefetch:1
  2⤵
  PID:7080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12416 /prefetch:1
  2⤵
  PID:7048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10116 /prefetch:1
  2⤵
  PID:7016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
  2⤵
  PID:7024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13700 /prefetch:1
  2⤵
  PID:7932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12220 /prefetch:1
  2⤵
  PID:7916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7860 /prefetch:1
  2⤵
  PID:7928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13820 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13616 /prefetch:1
  2⤵
  PID:7984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10908 /prefetch:1
  2⤵
  PID:2700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11620 /prefetch:1
  2⤵
  PID:6464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14408 /prefetch:1
  2⤵
  PID:6452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12984 /prefetch:1
  2⤵
  PID:3996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10776 /prefetch:1
  2⤵
  PID:8860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11024 /prefetch:1
  2⤵
  PID:8868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13516 /prefetch:1
  2⤵
  PID:3284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11756 /prefetch:1
  2⤵
  PID:8240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9720 /prefetch:1
  2⤵
  PID:6924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10880 /prefetch:1
  2⤵
  PID:6596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15380 /prefetch:1
  2⤵
  PID:740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12420 /prefetch:1
  2⤵
  PID:6708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11360 /prefetch:1
  2⤵
  PID:8924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8684 /prefetch:1
  2⤵
  PID:8088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15568 /prefetch:1
  2⤵
  PID:8376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12636 /prefetch:1
  2⤵
  PID:9044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15880 /prefetch:1
  2⤵
  PID:5420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
  2⤵
  PID:4084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10344 /prefetch:1
  2⤵
  PID:6832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15620 /prefetch:1
  2⤵
  PID:6836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15476 /prefetch:1
  2⤵
  PID:7452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15284 /prefetch:1
  2⤵
  PID:6148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8436 /prefetch:1
  2⤵
  PID:8612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15888 /prefetch:1
  2⤵
  PID:4820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12184 /prefetch:1
  2⤵
  PID:7260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15236 /prefetch:1
  2⤵
  PID:7328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=158 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7524 /prefetch:1
  2⤵
  PID:7700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10956 /prefetch:1
  2⤵
  PID:4560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8216 /prefetch:1
  2⤵
  PID:8064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15976 /prefetch:1
  2⤵
  PID:8132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14664 /prefetch:1
  2⤵
  PID:2212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=163 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7508 /prefetch:1
  2⤵
  PID:8740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=164 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14168 /prefetch:1
  2⤵
  PID:8760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=165 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15436 /prefetch:1
  2⤵
  PID:5836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=166 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13196 /prefetch:1
  2⤵
  PID:7292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=167 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15244 /prefetch:1
  2⤵
  PID:6560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=168 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10680 /prefetch:1
  2⤵
  PID:6108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=169 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15452 /prefetch:1
  2⤵
  PID:7120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=170 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12320 /prefetch:1
  2⤵
  PID:7896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=171 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12244 /prefetch:1
  2⤵
  PID:8664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=172 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12580 /prefetch:1
  2⤵
  PID:8212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=173 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2204 /prefetch:1
  2⤵
  PID:1344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=174 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13424 /prefetch:1
  2⤵
  PID:5792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=175 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11512 /prefetch:1
  2⤵
  PID:5124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=176 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13728 /prefetch:1
  2⤵
  PID:6456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=177 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15640 /prefetch:1
  2⤵
  PID:3288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=178 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9172 /prefetch:1
  2⤵
  PID:6504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=179 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13756 /prefetch:1
  2⤵
  PID:8384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=180 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12588 /prefetch:1
  2⤵
  PID:8348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=15344 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=182 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8148 /prefetch:1
  2⤵
  PID:8700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=183 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9176 /prefetch:1
  2⤵
  PID:7540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=184 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12820 /prefetch:1
  2⤵
  PID:7380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=185 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9108 /prefetch:1
  2⤵
  PID:7300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=186 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10960 /prefetch:1
  2⤵
  PID:8600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=187 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10272 /prefetch:1
  2⤵
  PID:6780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=188 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15752 /prefetch:1
  2⤵
  PID:7268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=189 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10944 /prefetch:1
  2⤵
  PID:5820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=190 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15312 /prefetch:1
  2⤵
  PID:6192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=191 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14832 /prefetch:1
  2⤵
  PID:4104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=192 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15608 /prefetch:1
  2⤵
  PID:1672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=193 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11180 /prefetch:1
  2⤵
  PID:6716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=194 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1
  2⤵
  PID:6860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=195 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10852 /prefetch:1
  2⤵
  PID:5196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=196 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13444 /prefetch:1
  2⤵
  PID:8160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=197 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12108 /prefetch:1
  2⤵
  PID:7608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=198 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10116 /prefetch:1
  2⤵
  PID:7092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=199 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8140 /prefetch:1
  2⤵
  PID:8304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=200 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15560 /prefetch:1
  2⤵
  PID:6496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=201 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10084 /prefetch:1
  2⤵
  PID:5228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=202 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10196 /prefetch:1
  2⤵
  PID:8208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=203 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15432 /prefetch:1
  2⤵
  PID:4684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=204 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12704 /prefetch:1
  2⤵
  PID:6364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=205 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13560 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=206 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12124 /prefetch:1
  2⤵
  PID:7904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=207 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13660 /prefetch:1
  2⤵
  PID:7908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=208 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9724 /prefetch:1
  2⤵
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=209 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7932 /prefetch:1
  2⤵
  PID:8272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=210 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12804 /prefetch:1
  2⤵
  PID:5792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=211 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7912 /prefetch:1
  2⤵
  PID:8948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=212 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11020 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=213 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12320 /prefetch:1
  2⤵
  PID:6912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=214 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13820 /prefetch:1
  2⤵
  PID:7948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=215 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13936 /prefetch:1
  2⤵
  PID:4532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=216 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13632 /prefetch:1
  2⤵
  PID:9092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=217 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14840 /prefetch:1
  2⤵
  PID:8280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=218 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8136 /prefetch:1
  2⤵
  PID:3996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=219 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12036 /prefetch:1
  2⤵
  PID:7404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=220 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10496 /prefetch:1
  2⤵
  PID:7428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=221 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14516 /prefetch:1
  2⤵
  PID:1020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=222 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14388 /prefetch:1
  2⤵
  PID:8476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=223 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15548 /prefetch:1
  2⤵
  PID:7952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=224 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13156 /prefetch:1
  2⤵
  PID:7668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=225 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11732 /prefetch:1
  2⤵
  PID:7384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=226 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9180 /prefetch:1
  2⤵
  PID:6516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=227 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12972 /prefetch:1
  2⤵
  PID:7160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=228 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11576 /prefetch:1
  2⤵
  PID:6844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=229 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13700 /prefetch:1
  2⤵
  PID:9140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=230 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14920 /prefetch:1
  2⤵
  PID:2484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=231 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16184 /prefetch:1
  2⤵
  PID:6300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=232 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16392 /prefetch:1
  2⤵
  PID:7512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=233 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4596 /prefetch:1
  2⤵
  PID:8624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=234 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14076 /prefetch:1
  2⤵
  PID:3500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=235 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16764 /prefetch:1
  2⤵
  PID:7380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=236 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14424 /prefetch:1
  2⤵
  PID:8276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=237 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14676 /prefetch:1
  2⤵
  PID:8296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=238 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=17092 /prefetch:1
  2⤵
  PID:6456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=239 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=17192 /prefetch:1
  2⤵
  PID:4364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,855046159176670514,3383043560905503495,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=240 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=17352 /prefetch:1
  2⤵
  PID:8172

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3944

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:552

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:7596

C:\Users\Admin\Downloads\UnbanMe_[unknowncheats.me]_\UnbanMe\UnbanMe.exe
"C:\Users\Admin\Downloads\UnbanMe_[unknowncheats.me]_\UnbanMe\UnbanMe.exe"
1⤵
PID:1216
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:8456
- C:\Users\Admin\Downloads\UnbanMe_[unknowncheats.me]_\UnbanMe\5431d988.exe
  "C:\Users\Admin\Downloads\UnbanMe_[unknowncheats.me]_\UnbanMe\5431d988.exe" 60b5f7e0.sys
  2⤵
  - Sets service image path in registry
  - Executes dropped EXE
  - Suspicious behavior: LoadsDriver
  - Suspicious use of AdjustPrivilegeToken
  PID:3192
- C:\Windows\System32\Wbem\wmic.exe
  wmic cpu get processorid
  2⤵
  - Suspicious use of AdjustPrivilegeToken
  PID:6912
- C:\Windows\System32\Wbem\wmic.exe
  wmic bios get serialnumber
  2⤵
  - Suspicious use of AdjustPrivilegeToken
  PID:2304
- C:\Windows\System32\Wbem\wmic.exe
  wmic csproduct get uuid
  2⤵
  PID:1428
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c pause >nul
  2⤵
  PID:8912
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:6404
- C:\Users\Admin\Downloads\UnbanMe_[unknowncheats.me]_\UnbanMe\9f49eb70.exe
  "C:\Users\Admin\Downloads\UnbanMe_[unknowncheats.me]_\UnbanMe\9f49eb70.exe" f37bcf10.sys
  2⤵
  - Sets service image path in registry
  - Executes dropped EXE
  - Suspicious behavior: LoadsDriver
  PID:8264
- C:\Windows\System32\Wbem\wmic.exe
  wmic cpu get processorid
  2⤵
  PID:5652
- C:\Windows\System32\Wbem\wmic.exe
  wmic bios get serialnumber
  2⤵
  PID:6596
- C:\Windows\System32\Wbem\wmic.exe
  wmic csproduct get uuid
  2⤵
  PID:4084
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c pause >nul
  2⤵
  PID:6916
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:7272
- C:\Users\Admin\Downloads\UnbanMe_[unknowncheats.me]_\UnbanMe\6f808930.exe
  "C:\Users\Admin\Downloads\UnbanMe_[unknowncheats.me]_\UnbanMe\6f808930.exe" e0243190.sys
  2⤵
  - Sets service image path in registry
  - Executes dropped EXE
  - Suspicious behavior: LoadsDriver
  PID:7344
- C:\Windows\System32\Wbem\wmic.exe
  wmic cpu get processorid
  2⤵
  PID:7628
- C:\Windows\System32\Wbem\wmic.exe
  wmic bios get serialnumber
  2⤵
  PID:7684
- C:\Windows\System32\Wbem\wmic.exe
  wmic csproduct get uuid
  2⤵
  PID:8604
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c pause >nul
  2⤵
  PID:7348

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:7912

Network

DNS

www.unknowncheats.me

msedge.exe

Remote address:

8.8.8.8:53

Request

www.unknowncheats.me

IN A

Response

www.unknowncheats.me

IN A

104.26.12.251

www.unknowncheats.me

IN A

104.26.13.251

www.unknowncheats.me

IN A

172.67.73.40
GET

https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/downloads.php?do=file&id=43877 HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:35 GMT
content-type: text/html; charset=ISO-8859-1
cache-control: private
pragma: private
x-ua-compatible: IE=7
vary: Accept-Encoding
set-cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5; path=/forum/; HttpOnly
set-cookie: bblastvisit=1710450095; expires=Fri, 14-Mar-2025 21:01:35 GMT; Max-Age=31536000; path=/forum/; secure
set-cookie: bblastactivity=0; expires=Fri, 14-Mar-2025 21:01:35 GMT; Max-Age=31536000; path=/forum/; secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0U7DDjf2ppxk%2Btn33Vj%2B8x%2Bnzltt4O4gftF2baFhrcukyraF%2FTpw39C3MbB9jkYNZ9L%2BG8EMokoZIBYiZJ3wZEATDjrFycFEJ2B%2Buio6O0Xn7wjfZ%2FCjHD2vKLBGLOvc3MOa3NyY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473324c916b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/clientscript/vbulletin_css/style-01a2078a-00033.css

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/clientscript/vbulletin_css/style-01a2078a-00033.css HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1690
etag: W/"69a-4e3aff64f0b80-gzip"
last-modified: Sun, 11 Aug 2013 18:13:18 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 4806
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTP8yc27iGU%2F7N8%2BEm5FpD1c5hUTQVsdOsZFFfe5RLLZ9wBtH9y9KrvbysiWFl4odzbpMFINwywB07tUYJgQulMSt1fQ%2F5ycGeQYjhmicKoJVXDazPVbA9lFds3HlbqPi%2BT9ApNP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473329cdf3b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/clientscript/vbulletin_important.css?v=387

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/clientscript/vbulletin_important.css?v=387 HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:35 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=36628
etag: W/"8f14-4e3aff733ed40-gzip"
last-modified: Sun, 11 Aug 2013 18:13:33 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 2967
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SwyXAN1a3RSWACRAqpwro6%2FbquqEafefuuxJLxDa3P0m6AuPJbIOaMRFeHj9PVFCu4sHBjLH1nvGGFAV3opodMTGXuz0KXam4N3KmNNHuKm255xsjcV9d8M7uXUD26aZAfN1LKLp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473329cdf6b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=387

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=387 HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7230
etag: W/"1c3e-5eb7479ae2a14-gzip"
last-modified: Thu, 20 Oct 2022 10:06:13 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 4923
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MGRtZASpzOSGc40JCIjZzeVqsqvLgBXkuruQQ%2FUre%2FddJgLt6YHLsSS%2FZm0xpKr6OZpKGuwPMmylWbuV8gPqicEuq5CIGcRi3%2BW4dKhizRm9od1xb8hGHY1tJW8QFmoOsoig%2BoFD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473329cdefb7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/clientscript/yui/connection/connection-min.js?v=387

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/clientscript/yui/connection/connection-min.js?v=387 HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:35 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"13c4-568f7b1567f40-gzip"
last-modified: Tue, 03 Apr 2018 20:38:45 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 2967
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v7%2BK%2FCZvm4GHrXJaIMLijTGHwi1BweiWFNeDM6cGz56uSqL6o70%2FOYhJ5DLtEEOXCJPb8JlLZ94Pbj20Cf6%2FURhOQ%2F9oEFw1kA6ZSTwzvip3rrMFGf05htCrAq5qA6QUL4cCoro5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473329ce05b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/clientscript/vbulletin_global.js?v=387

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/clientscript/vbulletin_global.js?v=387 HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:35 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=16754
etag: W/"4172-5172af40b4d80-gzip"
last-modified: Thu, 28 May 2015 21:22:14 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 6875
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wH062vwIVhen9DfLb5k06ZxHgW4rM%2Fc5CHDmLwsQTtGM2%2FLEG%2BYR9d9epF2g6z%2BV61TyFmkZ33fMMtf1xMPZYldUaacIJGo6sIqEmDxukP9Mf7QYhH9AKrDgG7UrMSmNmuk09mpk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473329ce02b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/clientscript/prettify/prettify.css?v=2

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/clientscript/prettify/prettify.css?v=2 HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1221
etag: W/"4c5-53d4c388b10c0-gzip"
last-modified: Sun, 25 Sep 2016 03:00:59 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 6875
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=26zzT4LV%2Bjj2%2BnrnIw6igKiHajRA4UWocMinVes%2FWurX5DLz3ryUOd2tE3wZp7T46wB%2Btw6JdoiDaVM1FHa443U14k6eBryep6XB%2FmhVhevhvh%2B5OSHdTrKoCEBC2d3kB4WQ%2FB8y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473329cdfbb7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/clientscript/usertitles.css?v=5

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/clientscript/usertitles.css?v=5 HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:35 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=9441
etag: W/"24e1-4e3aff65e4dc0-gzip"
last-modified: Sun, 11 Aug 2013 18:13:19 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 5488
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q43B252D8UEenxGLebJjdvX6oCR4C%2B1JIxSr39hhRI2hv5Nycbj9RbvxC7Xc2ntSo7QWHEeFFsHTl5cNfPZJ6IQTPyasG8rMBjXkg0CS%2FzttAzd5I4HqHUWX%2BFVzuLet4%2BKhR2Rr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473329ce00b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/clientscript/vbulletin_menu.js?v=387

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/clientscript/vbulletin_menu.js?v=387 HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=11761
etag: W/"2df1-5b177c15ea96a-gzip"
last-modified: Mon, 12 Oct 2020 11:39:46 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 6875
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TdQkAaXCEiWJgpGXMhxkTR5vlqxZLVw%2FzLQxJ%2BTcmtQXegxN1tVnVsCr0vOHRem2y%2FeES7ZWa8JaROhnu7KGG8nR0WUwPBzk1dXKFQge3PKfFw4wr9erN98vultvhu0wWqh3uWzS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473329cdfdb7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/clientscript/prettify/run_prettify.js

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/clientscript/prettify/run_prettify.js HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:35 GMT
content-type: application/javascript
last-modified: Sun, 11 Aug 2013 18:13:30 GMT
etag: W/"2d54-4e3aff7062680-gzip"
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 4586
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xmh4ktBDO0glmHfkh%2FQrK%2FNKzrNhEAjWzP1ZDAZHlFH0rkxXB4kTt1xVUz%2B73A5iFp798BvWwOfrPIpX7IaDL2Z8RAuAcD1AoPQXuPW%2BBKzp125T71plhYpoAfF%2FQINQidCarBgs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473329cdf7b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/clientscript/uc_imageresizer.js

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/clientscript/uc_imageresizer.js HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:35 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=26010
etag: W/"659a-567f2cb0e1e80-gzip"
last-modified: Wed, 21 Mar 2018 21:22:50 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 2967
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jxsQLQgUOMO6Sg00bSR58LCm9j1xaPULZk4oy4svL%2BLAlOHR1ndCvsAA3fo5tgx4xGO3pRRaLVQXxFUnpnk%2FC%2FKZE6WAMkcl9DCP7zow%2FrU%2FYqIMifngAVzTL2%2ByI5qo0KnNm0Yp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473329cdf9b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/clientscript/vbulletin_md5.js

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/clientscript/vbulletin_md5.js HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1221
etag: W/"4c5-53d4c388b10c0-gzip"
last-modified: Sun, 25 Sep 2016 03:00:59 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 4899
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0scFVF53AJarl3r7x8FqTwbBTyrYlTzVWBPzKWUz%2Bwss7fUN9t3pgKDe1S6%2Ft9fllqzCSkonNBRFqEd%2F49zKrmx%2FM6n5KlxqdmItN%2BDhRZQ7VFKCSL8sx5MoHT1B%2B1YMcftW%2BMpa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8647332a5ea8b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/clientscript/prettify/prettify.css

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/clientscript/prettify/prettify.css HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:35 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"1558-4e3aff65e4dc0-gzip"
last-modified: Sun, 11 Aug 2013 18:13:19 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 5488
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZWTz3TocdXEOHDxzA4mHH3C0Yh81rvjGFSDmeBojdI3BdrFwZ4x6pEJwPg8vVnsm7%2BS7jZYzA8TKLpE23sHGyVOi62v2jJqwrpzTELgGFtwC7qecxgb1GnszpIaHCP6XyGnPD%2Bv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8647332a5ea7b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:36 GMT
content-type: application/javascript
last-modified: Fri, 08 Mar 2024 17:53:27 GMT
etag: W/"65eb5097-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7g7KNb4mV2Rf6VGuoz0Aoj5BtVp511lBe9D8bMhsQC5d6bPv6bsR7RswBfgIZtCKSrFlCEhpdGItE3tkWwGLNtGD3UGb%2FhW%2FBLL6SnmPLvR2Foa9lJXYbmJCYY%2BXKSQ%2FqtbWcT5P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647332c98bfb7a8-AMS
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 16 Mar 2024 21:01:36 GMT
cache-control: max-age=172800
cache-control: public
content-encoding: gzip
GET

https://www.unknowncheats.me/forum/ambience/misc/ucdownloads.png

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/ucdownloads.png HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:36 GMT
content-type: image/png
content-length: 29869
cf-bgj: imgq:85,h2pri
cf-polished: origSize=33571, status=webp_bigger
etag: "8323-527863ed80a40"
last-modified: Wed, 23 Dec 2015 01:00:17 GMT
cache-control: max-age=691200
cf-cache-status: HIT
age: 679
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cqZ08eMPRzQn%2B4n33tJ0TAJiRocMiVoU8MIrK%2FLPeY3AkRiRqoHZlKIF8PCH9adOEZ3D3XMm5AFzQkQL0DP1MhnTDc9Gl6z%2BC%2FSSvcJcF9O8%2BnGxpQdEevOxO0Vb6HYENYkLPruP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647332f2b03b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/forum_banner_x.png

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/forum_banner_x.png HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:36 GMT
content-type: image/webp
content-length: 144
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=293
content-disposition: inline; filename="forum_banner_x.webp"
etag: "125-54ccd28332380"
last-modified: Mon, 10 Apr 2017 10:08:30 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 1714
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tGmDEKSYxYEK3BMS2FGWI3TKHfQiqbXbA%2Fl5l3amQn0sevoSovqKjPcKbZuNDezaLZ9ArNtIcDhmmUuQjFOBYQ1R825fYQ2WQ7ozgLRSbohfQENgu5YH7hOVO%2BrAeLgXHayFwm2i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8647332f9b88b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_home.png

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/ambience_nav_home.png HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:36 GMT
content-type: image/webp
content-length: 248
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=310
content-disposition: inline; filename="ambience_nav_home.webp"
etag: "136-526e0500b4940"
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 6876
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67gpNJUwgxK07PDioQRCXrz7WPrpcclEgvRC3URNZXinzsdOnHTED4lbsCA0mIHwHOHe0FLBpVRrKtUpguxEaIHXy0QWMtnD1N1c67vsU3%2Fai058tvnlC5Kd%2Bpo4OjYM9%2F6FCm6H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733305c7bb7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_forum.png

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/ambience_nav_forum.png HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:36 GMT
content-type: image/webp
content-length: 226
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=277
content-disposition: inline; filename="ambience_nav_forum.webp"
etag: "115-526e0500b4940"
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 6876
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2BUXlh0oHdqAEHsw1Q2DlWVs8%2FYwbamIJtx3jBz9IPuJI9Vc7AAgX6eTDWLdp7szdkJGD8N5o4QZSjZsL%2F8o5Y8ka%2FQb0IjCKjfBwzGLZgjy51SYp1Yodr8krvWQqbpF%2Bqn%2BcqZw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473330ccddb7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_ucwiki.png

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/ambience_nav_ucwiki.png HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:36 GMT
content-type: image/webp
content-length: 246
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=320
content-disposition: inline; filename="ambience_nav_ucwiki.webp"
etag: "140-526e0500b4940"
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 6876
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuChTKxxnrOjfr0KCycYnzabO7iBaq19yYO2jW%2Fpr774W1xh1GkXEQtVkW3w5%2F%2BYuv2f2j3FE%2BQO0GhfZaOhQM68bNv5BZ8VRntJLM26xwaSizEVtHrkO%2FONU57qVNfgUGeHYevE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733312d35b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_downloads.png

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/ambience_nav_downloads.png HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:36 GMT
content-type: image/webp
content-length: 264
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=315
content-disposition: inline; filename="ambience_nav_downloads.webp"
etag: "13b-526e0500b4940"
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 2787
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTlPvXP7gClEi%2BpjonPuOm6nT7UWQWjs8cagqu%2BUlOW9QOsnKLjsYKwnFs1za%2FkwxyZ%2BcmhjavRmX0PMYr7QJp40SmIYof%2BywiOUaqvDGFQr%2FvydYSAMx%2FmuvAIyWVTD3BchGxJv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733319d9ab7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_faq.png

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/ambience_nav_faq.png HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:36 GMT
content-type: image/webp
content-length: 222
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=281
content-disposition: inline; filename="ambience_nav_faq.webp"
etag: "119-526e0500b4940"
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 4538
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jHjYYvK2whw8cboePDiaJn1XKQvC3d6OoUt6OHSjWdz5GNIxycZkF96Tx9XJ9uXkdL7ZHXMgGwfFbhnntqclFxYvLzdJgnK6yONtOD9vfrephSVdLKSPxNl8OlD35TVXnsqzKFkb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733320e0ab7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_reg.png

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/ambience_nav_reg.png HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: image/webp
content-length: 250
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=307
content-disposition: inline; filename="ambience_nav_reg.webp"
etag: "133-526e0500b4940"
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 5489
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZwIZnEl8Bdf7M2%2FW70wUsUQqWWOc4zdCGy4Q44oKr7V5lu9yeudZdl416ttmHu%2FQCL3bR6WZmjPYAQzM4nTJYpN1co5h6N0U03y%2FPDw1wlWxSkLi%2BfIK9eWXB8egQyhPQzhSDR%2FF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733327ea2b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/navbits_start.gif

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/navbits_start.gif HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: image/gif
content-length: 174
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "ae-4eb8b5c474a00"
last-modified: Tue, 19 Nov 2013 17:54:48 GMT
cache-control: max-age=691200
cf-cache-status: HIT
age: 3239
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5odcDgrJ7sGyl%2F4pwUlOk07ehovzv%2F2Z35iWb%2FSrfJorgqo3zJy%2FRcYjLeRNsUYgm9ednOEwDxW%2B9ttnnl6Eq%2BJJ9nFLZLrnUQQbgy%2B7Dkovp51Djg2cyb0h29CU5ZyC5z1brMq%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86473332ef24b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/navbits_finallink.gif

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/navbits_finallink.gif HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: image/webp
content-length: 204
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=gif, origSize=257
content-disposition: inline; filename="navbits_finallink.webp"
etag: "101-4eb8b5c3807c0"
last-modified: Tue, 19 Nov 2013 17:54:47 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 4575
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ooDEKg8sLLqh656R%2BlM1N1YhfkwIuJuhWsYu4MjR5Rj%2BfchQASSceFfwfyk0Padem5BljTOpYPwMTsL0vp021aPloW1ehFXYlzkGmvTD4a0iGJ12MfkOwX8xKlbOOraC%2Fs%2FxoRAR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733332f5eb7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/clientscript/vbulletin_editor.css?v=387

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/clientscript/vbulletin_editor.css?v=387 HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: image/webp
content-length: 74274
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=gif, origSize=196112
content-disposition: inline; filename="mw3-hack-release.webp"
etag: "2fe10-609c109bc3e8d"
last-modified: Fri, 10 Nov 2023 00:02:36 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 4270
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jZgVNuebDsJHUpHjW0fo3yi1oJn5B4SSUrHa076xfYt%2FlbetPk%2FKJAi5mP8f3fk3YVdVMjv7tYFSP6FtJ7hohxnBuqn3wRVlZ4l5yjFT5if%2F%2FBR6qWBtddNFW7ZdqIt%2FPxnr%2BLD1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733356963b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/images/ez/mw3-hack-release.gif

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/images/ez/mw3-hack-release.gif HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3232
etag: W/"ca0-4e3aff64f0b80-gzip"
last-modified: Sun, 11 Aug 2013 18:13:18 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 1274
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6GGWoMpWMLIJzpMRFw7a4fn%2B148vrCpXPMPim5Zw2qXJbsWOMkGPgMOxY%2FuAlPmAqTD1VK%2BIpgEcXaKcEBk3xl4xcESg%2FPn%2FSTRgBXBsclV13ZV30j0wClfmvBnuC0%2FFYIynEmFm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733356961b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/images/ez/proxy-seller/offer.gif

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/images/ez/proxy-seller/offer.gif HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: image/gif
content-length: 408210
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "63a92-5debb5f26b947"
last-modified: Wed, 11 May 2022 12:13:40 GMT
cache-control: max-age=691200
cf-cache-status: HIT
age: 5489
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d9tfQBGoBJ8zdL4ulHmH4b7aLiURITDXTdixiHsT2XNtgJvnH3CSAIngA2nbjF92E%2Bg7MkeHGtknZQAgDp07Hlgs1SSnio85sD1RrkoqVW%2BEYIWIndhdfB8b5FAAYRDlVcEbKoA8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86473335e9d0b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/buttons/download_file.gif

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/buttons/download_file.gif HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: image/webp
content-length: 122
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=203
content-disposition: inline; filename="ambience_nav_x.webp"
etag: "cb-526e0500b4940"
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 5542
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nq7xrkwFClClJhK7TYwcrnggitj0OA%2BEU3RkZ38SV%2F0FuOBK0RkLC%2BKOgzVqaF5nSyNaNtupDnVfVkE%2F8Ppttk3gl6BKML00Sxlt2BkSeHII7KBzqG3w6ZEacissiHFfB3TeJqgJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473335e9d7b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/images/ez/cs2-hack.gif

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/images/ez/cs2-hack.gif HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: image/webp
content-length: 3484
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=gif, origSize=4756
content-disposition: inline; filename="download_file.webp"
etag: "1294-54e7c04ae5b40"
last-modified: Mon, 01 May 2017 20:10:45 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 440
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqno0dNAmuLuB8dMQVsBInVpUooVE55Dmb89aALN4NHwHkn8ERjgHo5CFzxWPQ8xb2EjalpwXZAJd6%2B%2B01RLV1RJGZDNqfpetZgD05QjMsDeOjMddKunuFvWfUHc45KBejRj9Y6B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473335e9d1b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/close.gif

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/close.gif HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: image/webp
content-length: 38418
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=gif, origSize=131284
content-disposition: inline; filename="cs2-hack.webp"
etag: "200d4-608102c8d83bb"
last-modified: Thu, 19 Oct 2023 11:37:00 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 3201
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=98n3tAOt4dPN2lkSwszXB3NoHwHPha1YwaCQsvAfiH0LQXv8qWgY2vzwElDYrXSKWO4fAVeY%2BrOt1uWQtyC%2B0nSOU3oLPxQy7r89RCbQV%2B360C%2FynDKharM7s%2FRndKJ471pt%2FfTD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473335e9d3b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/back2.png

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/back2.png HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/clientscript/vbulletin_css/style-01a2078a-00033.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: image/webp
content-length: 2460
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3356
content-disposition: inline; filename="back2.webp"
etag: "d1c-526e0500b4940"
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 5489
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xaqpg7l6kk%2BMXFa8u7fiMQaOu7U0oQXfCAXeWuWbI1we1N8y1xubtnJrCNySMWnsKMvY2CEee1dN8g5gzzzXlQg5MCHRsDYxLZLK%2BFfescG%2BpfiKMpR4AYeqWlMjAeNGH6UUj69C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473335e9d6b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_x.png

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/ambience_nav_x.png HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: image/gif
content-length: 428
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "1ac-4eb8b5bfafec0"
last-modified: Tue, 19 Nov 2013 17:54:43 GMT
cache-control: max-age=691200
cf-cache-status: HIT
age: 5489
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HpFJun7J5r6m5n4Si6IUJP8O77j%2FlmSUQlkwWXBKt%2FXbTpQfbAjpDbpH9RM3bCI1ZCU4NusjRf4KEAfcXgYph%2BKWwJUTt%2BIx1WoEBtGndHDOwMACIZqXp%2FDy%2FtZgRXWQITjM8zBk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86473335e9d4b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/strip_back.png

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/strip_back.png HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/clientscript/vbulletin_css/style-01a2078a-00033.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: image/webp
content-length: 426
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=649
content-disposition: inline; filename="strip_back.webp"
etag: "289-526e0501a8b80"
last-modified: Mon, 14 Dec 2015 19:02:22 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 5542
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HdFPDoU1biJAty7rbDWm1UwHuy3qoWfHAi5C8pE3kmR%2BIm73xJ6M48qpnD%2BFdjyJ44dYOGRO6fw3XBx8lku0Z07Qx2ivVOnYFXFmXvkzkB0QM%2B0Exf0Hpi9BFxz3KUq%2BvVTGArb6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733365a33b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/cdn-cgi/challenge-platform/scripts/jsd/main.js

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:01:37 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qinpqm9QcsiqmXVIwzedjrhbWIEZ7AclHsgIw6K4T1CNrnEVNxp3d0%2FgjKFsNolyQ%2BKFij7cUB5Z119per4p07VymUvUOXn6p4rQl8spEf8BYsv1tI4Lq4mZqHdL5k01RMafbS7q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864733374afbb7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
vary: accept-encoding
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twjuc28TlMf7P4GQDUJE7u24vfNK6lCYOLKz6x6I1RNSGBWetLxj%2F7QT%2BG4y7zaCN0SzHTj3JDYLzp2Oo7rh3wZUNQfkpI8NeT9rbMAeeLgrZF2ShbseeuhX%2FE1exLetaeiD04PS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473337bb6fb7a8-AMS
alt-svc: h3=":443"; ma=86400
POST

https://www.unknowncheats.me/cdn-cgi/challenge-platform/h/b/jsd/r/86473324c916b7a8

msedge.exe

Remote address:

104.26.12.251:443

Request

POST /cdn-cgi/challenge-platform/h/b/jsd/r/86473324c916b7a8 HTTP/2.0
host: www.unknowncheats.me
content-length: 14126
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:38 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=34JKYoSqAwQdj10Z6bipIGYTFPCvqilLe5tS515qCSI-1710450098-1.0.1.1-OGPaEfypHjKHn6v1pzxvRjWXaWCHZA5R5elHH.eh99D7gG75_uKvM0lIs.Kia4BmRA9sJCGGn4dDNrlHfcEvYw; path=/; expires=Fri, 14-Mar-25 21:01:38 GMT; domain=.unknowncheats.me; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yASVE0mmgie1iFXaMe4qmm1IxKK%2Ffu6M9mvkPJFRUcQkZRuJweVMJeFqFSpeDj98D4qkFEyzadx1fO9sEbkhbzeZ9ih2c5SelV8UHWU%2Fv40wJXVcZwEGsGkk6p8ElKrDX9pgJmLm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733391cd8b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/downloads.php?do=file&id=43877&act=down&actionhash=guest HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450095.0.0.0
cookie: cf_clearance=34JKYoSqAwQdj10Z6bipIGYTFPCvqilLe5tS515qCSI-1710450098-1.0.1.1-OGPaEfypHjKHn6v1pzxvRjWXaWCHZA5R5elHH.eh99D7gG75_uKvM0lIs.Kia4BmRA9sJCGGn4dDNrlHfcEvYw

Response

HTTP/2.0 403

date: Thu, 14 Mar 2024 21:01:41 GMT
content-type: text/html; charset=ISO-8859-1
cache-control: private
pragma: private
x-ua-compatible: IE=7
vary: Accept-Encoding
set-cookie: bblastactivity=0; expires=Fri, 14-Mar-2025 21:01:40 GMT; Max-Age=31536000; path=/forum/; secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CHA9wk4H%2FFiTM4yr77nS0V6Y0NsgBPntmqgwB6fZ64PYjB%2FFxBxBV1qzyc%2FbN5CMvAF3IKUNtR1m4itbVCjvb%2FJmNJ%2B6SmQf4RPRn6GqbIrPapLWKPgJ%2Bdl2kE28BopWqKai33Oz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733476c55b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/clientscript/vbulletin_md5.js?v=387

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/clientscript/vbulletin_md5.js?v=387 HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: cf_clearance=34JKYoSqAwQdj10Z6bipIGYTFPCvqilLe5tS515qCSI-1710450098-1.0.1.1-OGPaEfypHjKHn6v1pzxvRjWXaWCHZA5R5elHH.eh99D7gG75_uKvM0lIs.Kia4BmRA9sJCGGn4dDNrlHfcEvYw
cookie: lotame_domain_check=unknowncheats.me
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450100.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:41 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"1558-4e3aff65e4dc0-gzip"
last-modified: Sun, 11 Aug 2013 18:13:19 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 4015
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4MTddxQ58vimZm3g38SeUON%2BNh8Ll8UHX1PUc0D1WoFRbh6elQrskfs%2BgCn0vaf7LORFtrUWb2cBEuIeucUqL1PWT0l0XsbrpvBjUtr7Knyy3bVShtlC2rIuQOPRys%2Fj0l8d5vqc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8647334cb96cb7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/cat_back.png

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/cat_back.png HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/clientscript/vbulletin_css/style-01a2078a-00033.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: cf_clearance=34JKYoSqAwQdj10Z6bipIGYTFPCvqilLe5tS515qCSI-1710450098-1.0.1.1-OGPaEfypHjKHn6v1pzxvRjWXaWCHZA5R5elHH.eh99D7gG75_uKvM0lIs.Kia4BmRA9sJCGGn4dDNrlHfcEvYw
cookie: lotame_domain_check=unknowncheats.me
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.0.1710450100.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:41 GMT
content-type: image/webp
content-length: 114
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=199
content-disposition: inline; filename="cat_back.webp"
etag: "c7-526e0501a8b80"
last-modified: Mon, 14 Dec 2015 19:02:22 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 6881
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aedJn15o5h3wVn4xQ2JN9JQYj7yzKO0VDnqHQIr7kP7GCnDmH3CnHEo4YYMQfjp5oKV5fWfmnitOVvUF%2FnQiNrSSUA0dwEP%2FU%2BGDuZlnRxoRS06dSmhgg675nSppes8jRq%2FXxeAo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8647334d29e2b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/favicon.ico

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /favicon.ico HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.1.512387923.1710450096
cookie: cf_clearance=34JKYoSqAwQdj10Z6bipIGYTFPCvqilLe5tS515qCSI-1710450098-1.0.1.1-OGPaEfypHjKHn6v1pzxvRjWXaWCHZA5R5elHH.eh99D7gG75_uKvM0lIs.Kia4BmRA9sJCGGn4dDNrlHfcEvYw
cookie: lotame_domain_check=unknowncheats.me
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.1.1710450100.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:42 GMT
content-type: image/vnd.microsoft.icon
last-modified: Sun, 11 Aug 2013 16:51:38 GMT
etag: W/"47e-4e3aed23efa80"
cache-control: max-age=691200
cf-cache-status: HIT
age: 2670
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JPS%2BQgb5LZm2lTDRPh1QANJtFueOYNixoejNYrAVgZvtDZ%2Bo8V8SY7a8UAhJOmUfXVmVWlaxiEYnOOOrM7jnZX%2F2zp3yjISKYCc%2F3PgF2ibFiwrd0ROrtZ9LR%2B4Qxnu%2BRv1Z2oad"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86473355ba0bb7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST

https://www.unknowncheats.me/forum/login.php?do=login

msedge.exe

Remote address:

104.26.12.251:443

Request

POST /forum/login.php?do=login HTTP/2.0
host: www.unknowncheats.me
content-length: 298
cache-control: max-age=0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
origin: https://www.unknowncheats.me
upgrade-insecure-requests: 1
dnt: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: cf_clearance=34JKYoSqAwQdj10Z6bipIGYTFPCvqilLe5tS515qCSI-1710450098-1.0.1.1-OGPaEfypHjKHn6v1pzxvRjWXaWCHZA5R5elHH.eh99D7gG75_uKvM0lIs.Kia4BmRA9sJCGGn4dDNrlHfcEvYw
cookie: FCCDCF=%5Bnull%2Cnull%2Cnull%2C%5B%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%2C%222~~dv.2072.70.89.93.108.122.149.2223.196.2253.2299.259.2328.2331.2357.311.313.323.2373.338.358.2415.385.415.449.2506.2526.486.494.495.2567.2568.2571.2572.2575.540.574.2624.609.2677.2710.2878.2898.864.981.1029.1048.1051.1067.1095.1097.1126.3234.1201.1205.1211.1276.1301.1329.1344.1365.1415.1423.1449.1451.1516.1570.1577.1598.1616.1651.1716.1735.1753.1765.1782.1870.1878.1889.1917.1958.1985%22%2C%2297543CFB-A3D3-4954-B24F-A64ECFF1C33C%22%5D%5D
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.1.1710450108.0.0.0
cookie: __eoi=ID=e21a8e2c9a50a3c6:T=1710450108:RT=1710450108:S=AA-Afjb5eUF17EnrnNz3_4eJKY8m

Response

HTTP/2.0 403

date: Thu, 14 Mar 2024 21:01:56 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: cjNF4C++pYHB3EWq/QFT6lGJ+wM5l2f2k/iB+pVHB6kPCEC+UkvCtX16NPWCExR8K08TlHdJnGD71fYLEXZpGlUs/VJ2zP0jG03+U2BdmiKLOSiORBdhkwnpCFeWAGhJRNEVCW4k5unTTE5llnU5Ag==$2pHIFGDwIk7/yij9KURz3A==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DGxGTEVwFqi4yw1UcRQ%2FOf5cPEdDGUS5nWsADW9bz2ZqrTQtDZFDsex4TJWVCk%2BwvNiHj8UQe8MfkdxAwU7jybkcV9DCrf377UWEIKAgU70ul2J6ErNDLx1VQNumQ1G7vPhxS4M7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864733ab5c93b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=864733ab5c93b7a8

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=864733ab5c93b7a8 HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/forum/login.php?do=login&__cf_chl_rt_tk=oys2UE5fdUVVeBheJtCWONjMeFxu0iK76eQUmIAz.Iw-1710450116-0.0.1.1-1642
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.1.512387923.1710450096
cookie: cf_clearance=34JKYoSqAwQdj10Z6bipIGYTFPCvqilLe5tS515qCSI-1710450098-1.0.1.1-OGPaEfypHjKHn6v1pzxvRjWXaWCHZA5R5elHH.eh99D7gG75_uKvM0lIs.Kia4BmRA9sJCGGn4dDNrlHfcEvYw
cookie: FCCDCF=%5Bnull%2Cnull%2Cnull%2C%5B%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%2C%222~~dv.2072.70.89.93.108.122.149.2223.196.2253.2299.259.2328.2331.2357.311.313.323.2373.338.358.2415.385.415.449.2506.2526.486.494.495.2567.2568.2571.2572.2575.540.574.2624.609.2677.2710.2878.2898.864.981.1029.1048.1051.1067.1095.1097.1126.3234.1201.1205.1211.1276.1301.1329.1344.1365.1415.1423.1449.1451.1516.1570.1577.1598.1616.1651.1716.1735.1753.1765.1782.1870.1878.1889.1917.1958.1985%22%2C%2297543CFB-A3D3-4954-B24F-A64ECFF1C33C%22%5D%5D
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.1.1710450108.0.0.0
cookie: __eoi=ID=e21a8e2c9a50a3c6:T=1710450108:RT=1710450108:S=AA-Afjb5eUF17EnrnNz3_4eJKY8m

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4oJtkED9mUfXk2i6SV1o9Evs5EIggWpy7GVzah7%2F6wrZWXClF5D4Dj%2FWkF29taZl8Rv2HR%2BlS0Bwp1Kl35zxqwoSmyHVrZJMlBvOvMCDb0OiBYChhwcmNDMrXJ1Z%2ByZm96EDuSbn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733ac1d62b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST

https://www.unknowncheats.me/cdn-cgi/challenge-platform/h/b/flow/ov1/759878661:1710447130:7dfE57-zyV_WVyzXWRxS5FryW-7AHdUWxdkX3qiH340/864733ab5c93b7a8/73ef8c59f4a6074

msedge.exe

Remote address:

104.26.12.251:443

Request

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/759878661:1710447130:7dfE57-zyV_WVyzXWRxS5FryW-7AHdUWxdkX3qiH340/864733ab5c93b7a8/73ef8c59f4a6074 HTTP/2.0
host: www.unknowncheats.me
content-length: 1996
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: application/x-www-form-urlencoded
sec-ch-ua-model:
cf-challenge: 73ef8c59f4a6074
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/forum/login.php?do=login
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.1.512387923.1710450096
cookie: cf_clearance=34JKYoSqAwQdj10Z6bipIGYTFPCvqilLe5tS515qCSI-1710450098-1.0.1.1-OGPaEfypHjKHn6v1pzxvRjWXaWCHZA5R5elHH.eh99D7gG75_uKvM0lIs.Kia4BmRA9sJCGGn4dDNrlHfcEvYw
cookie: FCCDCF=%5Bnull%2Cnull%2Cnull%2C%5B%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%2C%222~~dv.2072.70.89.93.108.122.149.2223.196.2253.2299.259.2328.2331.2357.311.313.323.2373.338.358.2415.385.415.449.2506.2526.486.494.495.2567.2568.2571.2572.2575.540.574.2624.609.2677.2710.2878.2898.864.981.1029.1048.1051.1067.1095.1097.1126.3234.1201.1205.1211.1276.1301.1329.1344.1365.1415.1423.1449.1451.1516.1570.1577.1598.1616.1651.1716.1735.1753.1765.1782.1870.1878.1889.1917.1958.1985%22%2C%2297543CFB-A3D3-4954-B24F-A64ECFF1C33C%22%5D%5D
cookie: __eoi=ID=e21a8e2c9a50a3c6:T=1710450108:RT=1710450108:S=AA-Afjb5eUF17EnrnNz3_4eJKY8m
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.1.1710450115.0.0.0
cookie: cf_chl_3=73ef8c59f4a6074

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:56 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: C22qwUjAp35VKBdR3Qvj6OFAldUVYKkh8olTnosGcwFgGlEzFpKGTkcqJNYpOcLL$mVav6oSwHN+QWsXogvTRPQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R6I%2B6Nj8uWPwXaJkYB2yjasAH8wHo0K1X2ND92iE74mIWCyNYuC3eAhxGuPBXJhighkAtH5O%2FrHXXh5vy1ld8768BLuAqZeu2U9yc2UKwG3e5Q6KCWOcezg99kU%2Bg0Zp0p54QwTB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733ad8ea3b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST

https://www.unknowncheats.me/cdn-cgi/challenge-platform/h/b/flow/ov1/759878661:1710447130:7dfE57-zyV_WVyzXWRxS5FryW-7AHdUWxdkX3qiH340/864733ab5c93b7a8/73ef8c59f4a6074

msedge.exe

Remote address:

104.26.12.251:443

Request

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/759878661:1710447130:7dfE57-zyV_WVyzXWRxS5FryW-7AHdUWxdkX3qiH340/864733ab5c93b7a8/73ef8c59f4a6074 HTTP/2.0
host: www.unknowncheats.me
content-length: 3382
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
content-type: application/x-www-form-urlencoded
sec-ch-ua-model:
cf-challenge: 73ef8c59f4a6074
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/forum/login.php?do=login
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.1.512387923.1710450096
cookie: cf_clearance=34JKYoSqAwQdj10Z6bipIGYTFPCvqilLe5tS515qCSI-1710450098-1.0.1.1-OGPaEfypHjKHn6v1pzxvRjWXaWCHZA5R5elHH.eh99D7gG75_uKvM0lIs.Kia4BmRA9sJCGGn4dDNrlHfcEvYw
cookie: FCCDCF=%5Bnull%2Cnull%2Cnull%2C%5B%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%2C%222~~dv.2072.70.89.93.108.122.149.2223.196.2253.2299.259.2328.2331.2357.311.313.323.2373.338.358.2415.385.415.449.2506.2526.486.494.495.2567.2568.2571.2572.2575.540.574.2624.609.2677.2710.2878.2898.864.981.1029.1048.1051.1067.1095.1097.1126.3234.1201.1205.1211.1276.1301.1329.1344.1365.1415.1423.1449.1451.1516.1570.1577.1598.1616.1651.1716.1735.1753.1765.1782.1870.1878.1889.1917.1958.1985%22%2C%2297543CFB-A3D3-4954-B24F-A64ECFF1C33C%22%5D%5D
cookie: __eoi=ID=e21a8e2c9a50a3c6:T=1710450108:RT=1710450108:S=AA-Afjb5eUF17EnrnNz3_4eJKY8m
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.1.1710450115.0.0.0
cookie: cf_chl_3=73ef8c59f4a6074

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:01 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_chl_rc_m=;Expires=Wed, 13 Mar 2024 21:02:01 GMT;SameSite=Strict
cf-chl-out: 3mLecTeScbFyFDAQ1+RRlKGxBZl/Wli1oGIlGtX6cIzR7ZoOXaYBonI59v6RphPq23UdPOGEcXbZPSpNVu8mRw==$4lpWnDeh6dos3RMWxZ5RAQ==
cf-chl-out-s: JaVmXv1F8KSYSvb3tmy6Ug/3v0YZFyDfm4/4Tq/Yg0U+REUi2xnXYvxVW8Zw9udF82prfOJdN8TH22Vn3pao54laFtkKbLT1B09gECp+WkNwwRX/+2MyTJwdqsr8UCOKHBYpJ6LLNYyr2CzbZkW+OKmCVHrItkMkp1WEsjsHXEVDbwKyzBoir8NkSBgb5HD5h2cP7hRm6HyKxNRb7xrSxCjFSTOb6SJiUCemYhp7b+Zj+RSHSkRlP35tvEUA2OqIrsih0+16qw2DfYxV4BrSrf3MGKm/y9mn8NQC/23Iu5I1GTsEDaKHeMdjC/PM8s21rZBIqT5IOTlZ9a/het/NfvU8XT9XX0CJ+Uftg0NbUnurGxOpuyTpDqvxB3ocrN+aUPxm9D5eU0/TUnXAQXSxCyabVE2L4surXutKOoONs59R9h6sDbin6i/IGP1Abff4IAOayI0MCncjcefSWM1iwSADXP2KMxROkHJHFlGJY8fqP7fZ35keIPYB2lQtwa1bLGCHPCemJeaNi4iK5O0PirSEdpbp8XI7VooTo1qHJd+/S2pW0dwA/jT8SNcHx3FN$1cgdsUeixvqmMq/Yp317gw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hg22ibCPSDKe7m4pD%2FeBhwDcluiYb91MzsNLzhMLEf9FNaTKigliMJu7euOPYFGJzxc7kbu5r83uIdmKfFPNGxBHXyTv9Z2etPxHhVhI8XQjXNXUHH9g9VQYAU%2BZqhdvGP988GnY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733c958b8b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST

https://www.unknowncheats.me/forum/login.php?do=login

msedge.exe

Remote address:

104.26.12.251:443

Request

POST /forum/login.php?do=login HTTP/2.0
host: www.unknowncheats.me
content-length: 5458
cache-control: max-age=0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
origin: https://www.unknowncheats.me
upgrade-insecure-requests: 1
dnt: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.unknowncheats.me/forum/login.php?do=login&__cf_chl_tk=oys2UE5fdUVVeBheJtCWONjMeFxu0iK76eQUmIAz.Iw-1710450116-0.0.1.1-1642
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bbsessionhash=d1720465f965e23b4ded5e6d6e7053b5
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: _ga=GA1.1.512387923.1710450096
cookie: cf_clearance=34JKYoSqAwQdj10Z6bipIGYTFPCvqilLe5tS515qCSI-1710450098-1.0.1.1-OGPaEfypHjKHn6v1pzxvRjWXaWCHZA5R5elHH.eh99D7gG75_uKvM0lIs.Kia4BmRA9sJCGGn4dDNrlHfcEvYw
cookie: FCCDCF=%5Bnull%2Cnull%2Cnull%2C%5B%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%2C%222~~dv.2072.70.89.93.108.122.149.2223.196.2253.2299.259.2328.2331.2357.311.313.323.2373.338.358.2415.385.415.449.2506.2526.486.494.495.2567.2568.2571.2572.2575.540.574.2624.609.2677.2710.2878.2898.864.981.1029.1048.1051.1067.1095.1097.1126.3234.1201.1205.1211.1276.1301.1329.1344.1365.1415.1423.1449.1451.1516.1570.1577.1598.1616.1651.1716.1735.1753.1765.1782.1870.1878.1889.1917.1958.1985%22%2C%2297543CFB-A3D3-4954-B24F-A64ECFF1C33C%22%5D%5D
cookie: __eoi=ID=e21a8e2c9a50a3c6:T=1710450108:RT=1710450108:S=AA-Afjb5eUF17EnrnNz3_4eJKY8m
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.1.1710450115.0.0.0
cookie: cf_chl_3=73ef8c59f4a6074

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:02 GMT
content-type: text/html; charset=ISO-8859-1
set-cookie: cf_chl_3=; path=/; expires=Thu, Jan 01 1970 00:00:00 UTC; domain=.unknowncheats.me; Secure
set-cookie: cf_clearance=5mK7OWXi2MUo2DJS4nxoinVk9Btdu5vD9zhMJLa5ACA-1710450116-1.0.1.1-cIEzYMW5.yC2lfSSLohGruhOIVLCTN9k5OFcLL6HZwZD4aZB_khHsXwqg.3wiYm5_N.7YGXRxdQHZLCvPRsOjQ; path=/; expires=Fri, 14-Mar-25 21:02:01 GMT; domain=.unknowncheats.me; HttpOnly; Secure; SameSite=None
cache-control: private
pragma: private
x-ua-compatible: IE=7
vary: Accept-Encoding
set-cookie: bblastactivity=0; expires=Fri, 14-Mar-2025 21:02:01 GMT; Max-Age=31536000; path=/forum/; secure
set-cookie: forum_experience=%2COERPemwzVmFpQT09%2C; expires=Fri, 12-Jul-2024 21:02:02 GMT; Max-Age=10368000; path=/
set-cookie: bbsessionhash=3b639d3dc7aae4425056c99371d7218a; path=/forum/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y9Dp%2FpD2XU1i9pTWBRJoFwQcea8daVaYnhfyGHFMAgM9DQf68f7qb68q%2BsFgcddxK50RBGpvtqaAicJVTmsz1m%2BfuGKMJeqO1uY%2BlkGtfiG5M5zrbtpbHywSn5Wr%2FPgvgIMfkQ8Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733ca29b2b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/downloads.php?do=file&id=43877&act=down&actionhash=guest HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://www.unknowncheats.me/forum/login.php?do=login
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: bbsessionhash=3b639d3dc7aae4425056c99371d7218a
cookie: _ga=GA1.1.512387923.1710450096
cookie: FCCDCF=%5Bnull%2Cnull%2Cnull%2C%5B%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%2C%222~~dv.2072.70.89.93.108.122.149.2223.196.2253.2299.259.2328.2331.2357.311.313.323.2373.338.358.2415.385.415.449.2506.2526.486.494.495.2567.2568.2571.2572.2575.540.574.2624.609.2677.2710.2878.2898.864.981.1029.1048.1051.1067.1095.1097.1126.3234.1201.1205.1211.1276.1301.1329.1344.1365.1415.1423.1449.1451.1516.1570.1577.1598.1616.1651.1716.1735.1753.1765.1782.1870.1878.1889.1917.1958.1985%22%2C%2297543CFB-A3D3-4954-B24F-A64ECFF1C33C%22%5D%5D
cookie: __eoi=ID=e21a8e2c9a50a3c6:T=1710450108:RT=1710450108:S=AA-Afjb5eUF17EnrnNz3_4eJKY8m
cookie: cf_chl_3=73ef8c59f4a6074
cookie: cf_clearance=5mK7OWXi2MUo2DJS4nxoinVk9Btdu5vD9zhMJLa5ACA-1710450116-1.0.1.1-cIEzYMW5.yC2lfSSLohGruhOIVLCTN9k5OFcLL6HZwZD4aZB_khHsXwqg.3wiYm5_N.7YGXRxdQHZLCvPRsOjQ
cookie: forum_experience=%2COERPemwzVmFpQT09%2C
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.1.1710450121.0.0.0
cookie: lotame_domain_check=unknowncheats.me
cookie: panoramaId_expiry=1710536522676

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:05 GMT
content-type: text/html; charset=ISO-8859-1
location: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
cache-control: private
pragma: private
x-ua-compatible: IE=7
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8YBm6lvB7vYMzb%2FywmetEXQy%2Bm0YF7UuJj32JW52%2BT3luczAX3pAYDOShAuF%2BTSyiO9Tqe8cDIykmbRV2n9OAXZgP%2BA%2FPH2mBdxXI45QCvcqmSk6LIOFOQxAMm0pLLxhoDWzQL2J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733e51c9db7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/downloads.php?do=file&id=43877 HTTP/2.0
host: www.unknowncheats.me
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
referer: https://www.unknowncheats.me/forum/login.php?do=login
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: bbsessionhash=3b639d3dc7aae4425056c99371d7218a
cookie: _ga=GA1.1.512387923.1710450096
cookie: FCCDCF=%5Bnull%2Cnull%2Cnull%2C%5B%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%2C%222~~dv.2072.70.89.93.108.122.149.2223.196.2253.2299.259.2328.2331.2357.311.313.323.2373.338.358.2415.385.415.449.2506.2526.486.494.495.2567.2568.2571.2572.2575.540.574.2624.609.2677.2710.2878.2898.864.981.1029.1048.1051.1067.1095.1097.1126.3234.1201.1205.1211.1276.1301.1329.1344.1365.1415.1423.1449.1451.1516.1570.1577.1598.1616.1651.1716.1735.1753.1765.1782.1870.1878.1889.1917.1958.1985%22%2C%2297543CFB-A3D3-4954-B24F-A64ECFF1C33C%22%5D%5D
cookie: __eoi=ID=e21a8e2c9a50a3c6:T=1710450108:RT=1710450108:S=AA-Afjb5eUF17EnrnNz3_4eJKY8m
cookie: cf_chl_3=73ef8c59f4a6074
cookie: cf_clearance=5mK7OWXi2MUo2DJS4nxoinVk9Btdu5vD9zhMJLa5ACA-1710450116-1.0.1.1-cIEzYMW5.yC2lfSSLohGruhOIVLCTN9k5OFcLL6HZwZD4aZB_khHsXwqg.3wiYm5_N.7YGXRxdQHZLCvPRsOjQ
cookie: forum_experience=%2COERPemwzVmFpQT09%2C
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.1.1710450121.0.0.0
cookie: lotame_domain_check=unknowncheats.me
cookie: panoramaId_expiry=1710536522676

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:06 GMT
content-type: text/html; charset=ISO-8859-1
cache-control: private
pragma: private
x-ua-compatible: IE=7
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A1oudvsZvtsJ9KYq5cN7CV7pllbf5%2FhHG8ROkJrYC0FpDqrGRolruDzoDIFEgG1iKQ7%2BlzzX16mbloT5VzZL6F%2BkAVfLCZxEBo2s%2B10YUtAUZrUBSPcQs0rms%2BoW5gp5m3ER2nTQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733e74f19b7a8-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_discord.png

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/ambience_nav_discord.png HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: bbsessionhash=3b639d3dc7aae4425056c99371d7218a
cookie: _ga=GA1.1.512387923.1710450096
cookie: FCCDCF=%5Bnull%2Cnull%2Cnull%2C%5B%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%2C%222~~dv.2072.70.89.93.108.122.149.2223.196.2253.2299.259.2328.2331.2357.311.313.323.2373.338.358.2415.385.415.449.2506.2526.486.494.495.2567.2568.2571.2572.2575.540.574.2624.609.2677.2710.2878.2898.864.981.1029.1048.1051.1067.1095.1097.1126.3234.1201.1205.1211.1276.1301.1329.1344.1365.1415.1423.1449.1451.1516.1570.1577.1598.1616.1651.1716.1735.1753.1765.1782.1870.1878.1889.1917.1958.1985%22%2C%2297543CFB-A3D3-4954-B24F-A64ECFF1C33C%22%5D%5D
cookie: __eoi=ID=e21a8e2c9a50a3c6:T=1710450108:RT=1710450108:S=AA-Afjb5eUF17EnrnNz3_4eJKY8m
cookie: cf_chl_3=73ef8c59f4a6074
cookie: cf_clearance=5mK7OWXi2MUo2DJS4nxoinVk9Btdu5vD9zhMJLa5ACA-1710450116-1.0.1.1-cIEzYMW5.yC2lfSSLohGruhOIVLCTN9k5OFcLL6HZwZD4aZB_khHsXwqg.3wiYm5_N.7YGXRxdQHZLCvPRsOjQ
cookie: forum_experience=%2COERPemwzVmFpQT09%2C
cookie: lotame_domain_check=unknowncheats.me
cookie: panoramaId_expiry=1710536522676
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.1.1710450125.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:06 GMT
content-type: image/webp
content-length: 238
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=423
content-disposition: inline; filename="ambience_nav_discord.webp"
etag: "1a7-54f650c7775c0"
last-modified: Sat, 13 May 2017 10:11:43 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 1363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Ypt5JKGWW6MWmKhWIfnvBjP4rTsCBaetClr7ReubD234pSyD9u80SyDqeOoqsp23VplSNZojRUpp4au3r70kcFv1kNSV%2Bh%2FkqKh7flHAL9EuKz%2FbLU3FIpBfNnnALIVV9EpCZTq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733ed4d0fb7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_cp.png

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/ambience_nav_cp.png HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: bbsessionhash=3b639d3dc7aae4425056c99371d7218a
cookie: _ga=GA1.1.512387923.1710450096
cookie: FCCDCF=%5Bnull%2Cnull%2Cnull%2C%5B%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%2C%222~~dv.2072.70.89.93.108.122.149.2223.196.2253.2299.259.2328.2331.2357.311.313.323.2373.338.358.2415.385.415.449.2506.2526.486.494.495.2567.2568.2571.2572.2575.540.574.2624.609.2677.2710.2878.2898.864.981.1029.1048.1051.1067.1095.1097.1126.3234.1201.1205.1211.1276.1301.1329.1344.1365.1415.1423.1449.1451.1516.1570.1577.1598.1616.1651.1716.1735.1753.1765.1782.1870.1878.1889.1917.1958.1985%22%2C%2297543CFB-A3D3-4954-B24F-A64ECFF1C33C%22%5D%5D
cookie: __eoi=ID=e21a8e2c9a50a3c6:T=1710450108:RT=1710450108:S=AA-Afjb5eUF17EnrnNz3_4eJKY8m
cookie: cf_chl_3=73ef8c59f4a6074
cookie: cf_clearance=5mK7OWXi2MUo2DJS4nxoinVk9Btdu5vD9zhMJLa5ACA-1710450116-1.0.1.1-cIEzYMW5.yC2lfSSLohGruhOIVLCTN9k5OFcLL6HZwZD4aZB_khHsXwqg.3wiYm5_N.7YGXRxdQHZLCvPRsOjQ
cookie: forum_experience=%2COERPemwzVmFpQT09%2C
cookie: lotame_domain_check=unknowncheats.me
cookie: panoramaId_expiry=1710536522676
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.1.1710450125.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:06 GMT
content-type: image/gif
content-length: 65
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "41-4eb8b5c3807c0"
last-modified: Tue, 19 Nov 2013 17:54:47 GMT
cache-control: max-age=691200
cf-cache-status: HIT
age: 1253
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=coQjoNc%2FCM1R9fmKGod34t2eetAiX9rSlZ5CJr9xSQYL51LRZtdtukT%2BsXAEtfDcqavrjgh8bKDrax4RnflHHdl10GSeOGHG%2FmoHXxfDpmgNu8KVNtBvu1nC27eQ7khxcFwGoOqy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864733ed4d15b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/q_links.gif

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/q_links.gif HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: bbsessionhash=3b639d3dc7aae4425056c99371d7218a
cookie: _ga=GA1.1.512387923.1710450096
cookie: FCCDCF=%5Bnull%2Cnull%2Cnull%2C%5B%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%2C%222~~dv.2072.70.89.93.108.122.149.2223.196.2253.2299.259.2328.2331.2357.311.313.323.2373.338.358.2415.385.415.449.2506.2526.486.494.495.2567.2568.2571.2572.2575.540.574.2624.609.2677.2710.2878.2898.864.981.1029.1048.1051.1067.1095.1097.1126.3234.1201.1205.1211.1276.1301.1329.1344.1365.1415.1423.1449.1451.1516.1570.1577.1598.1616.1651.1716.1735.1753.1765.1782.1870.1878.1889.1917.1958.1985%22%2C%2297543CFB-A3D3-4954-B24F-A64ECFF1C33C%22%5D%5D
cookie: __eoi=ID=e21a8e2c9a50a3c6:T=1710450108:RT=1710450108:S=AA-Afjb5eUF17EnrnNz3_4eJKY8m
cookie: cf_chl_3=73ef8c59f4a6074
cookie: cf_clearance=5mK7OWXi2MUo2DJS4nxoinVk9Btdu5vD9zhMJLa5ACA-1710450116-1.0.1.1-cIEzYMW5.yC2lfSSLohGruhOIVLCTN9k5OFcLL6HZwZD4aZB_khHsXwqg.3wiYm5_N.7YGXRxdQHZLCvPRsOjQ
cookie: forum_experience=%2COERPemwzVmFpQT09%2C
cookie: lotame_domain_check=unknowncheats.me
cookie: panoramaId_expiry=1710536522676
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.1.1710450125.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:06 GMT
content-type: image/webp
content-length: 232
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=gif, origSize=440
content-disposition: inline; filename="q_links.webp"
etag: "1b8-4eb8b5c568c40"
last-modified: Tue, 19 Nov 2013 17:54:49 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 1363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2EWo47aL6fsGSC6JQv523B9mIf0XX1fA%2BHmBAU3XNg9j86YJXaN%2FWfDK0ZkjxCj2pT9vOnkdQBJTlsxKiwyytXNAmu24buX7BqOAdz5yMcui2RmVuwSxGnlT6AE2P8KiE6eUXbdh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733ed4d13b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_search.gif

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/ambience_nav_search.gif HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: bbsessionhash=3b639d3dc7aae4425056c99371d7218a
cookie: _ga=GA1.1.512387923.1710450096
cookie: FCCDCF=%5Bnull%2Cnull%2Cnull%2C%5B%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%2C%222~~dv.2072.70.89.93.108.122.149.2223.196.2253.2299.259.2328.2331.2357.311.313.323.2373.338.358.2415.385.415.449.2506.2526.486.494.495.2567.2568.2571.2572.2575.540.574.2624.609.2677.2710.2878.2898.864.981.1029.1048.1051.1067.1095.1097.1126.3234.1201.1205.1211.1276.1301.1329.1344.1365.1415.1423.1449.1451.1516.1570.1577.1598.1616.1651.1716.1735.1753.1765.1782.1870.1878.1889.1917.1958.1985%22%2C%2297543CFB-A3D3-4954-B24F-A64ECFF1C33C%22%5D%5D
cookie: __eoi=ID=e21a8e2c9a50a3c6:T=1710450108:RT=1710450108:S=AA-Afjb5eUF17EnrnNz3_4eJKY8m
cookie: cf_chl_3=73ef8c59f4a6074
cookie: cf_clearance=5mK7OWXi2MUo2DJS4nxoinVk9Btdu5vD9zhMJLa5ACA-1710450116-1.0.1.1-cIEzYMW5.yC2lfSSLohGruhOIVLCTN9k5OFcLL6HZwZD4aZB_khHsXwqg.3wiYm5_N.7YGXRxdQHZLCvPRsOjQ
cookie: forum_experience=%2COERPemwzVmFpQT09%2C
cookie: lotame_domain_check=unknowncheats.me
cookie: panoramaId_expiry=1710536522676
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.1.1710450125.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:06 GMT
content-type: image/webp
content-length: 250
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=307
content-disposition: inline; filename="ambience_nav_cp.webp"
etag: "133-526e0500b4940"
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 1363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OUOmUl3qrjIo0wrMHtBr59bFQOviklCFxKi8E0qwpS2ALtyLyJEhi5G4xLC6JDVn9O17fAYI2gXrVq9xarwArg2hdmP6pcsf%2FfUs0YBLBEiFmE6HRyFuwk7N9Dne3U0r39IMb29E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733ed4d11b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/ambience/misc/menu_open.gif

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/ambience/misc/menu_open.gif HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: bbsessionhash=3b639d3dc7aae4425056c99371d7218a
cookie: _ga=GA1.1.512387923.1710450096
cookie: FCCDCF=%5Bnull%2Cnull%2Cnull%2C%5B%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%2C%222~~dv.2072.70.89.93.108.122.149.2223.196.2253.2299.259.2328.2331.2357.311.313.323.2373.338.358.2415.385.415.449.2506.2526.486.494.495.2567.2568.2571.2572.2575.540.574.2624.609.2677.2710.2878.2898.864.981.1029.1048.1051.1067.1095.1097.1126.3234.1201.1205.1211.1276.1301.1329.1344.1365.1415.1423.1449.1451.1516.1570.1577.1598.1616.1651.1716.1735.1753.1765.1782.1870.1878.1889.1917.1958.1985%22%2C%2297543CFB-A3D3-4954-B24F-A64ECFF1C33C%22%5D%5D
cookie: __eoi=ID=e21a8e2c9a50a3c6:T=1710450108:RT=1710450108:S=AA-Afjb5eUF17EnrnNz3_4eJKY8m
cookie: cf_chl_3=73ef8c59f4a6074
cookie: cf_clearance=5mK7OWXi2MUo2DJS4nxoinVk9Btdu5vD9zhMJLa5ACA-1710450116-1.0.1.1-cIEzYMW5.yC2lfSSLohGruhOIVLCTN9k5OFcLL6HZwZD4aZB_khHsXwqg.3wiYm5_N.7YGXRxdQHZLCvPRsOjQ
cookie: forum_experience=%2COERPemwzVmFpQT09%2C
cookie: lotame_domain_check=unknowncheats.me
cookie: panoramaId_expiry=1710536522676
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.1.1710450125.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:06 GMT
content-type: image/webp
content-length: 246
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=gif, origSize=446
content-disposition: inline; filename="ambience_nav_search.webp"
etag: "1be-4eb8b5bcd3800"
last-modified: Tue, 19 Nov 2013 17:54:40 GMT
vary: Accept
cache-control: max-age=691200
cf-cache-status: HIT
age: 1363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HtkyIFUjT%2BqmdyqBsyS5IqXEvuwmFT6jK72%2B%2Byl%2Feq13Ohg7aBNFjfQjBZQ4sCc2NpAT2Re0NqJxR2hWlbm%2BKusxt%2BVPCfSwqc%2Fk7wbI6NNLrG3UPZAP0UQqM5aTLUZ44eBLhD6N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864733ed4d14b7a8-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=1710450126-b124aabd4f2bbabe77b6f39fcf4c1889906ff6fc

msedge.exe

Remote address:

104.26.12.251:443

Request

GET /forum/downloads.php?do=file&id=43877&act=down&actionhash=1710450126-b124aabd4f2bbabe77b6f39fcf4c1889906ff6fc HTTP/2.0
host: www.unknowncheats.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: bblastvisit=1710450095
cookie: bblastactivity=0
cookie: bbsessionhash=3b639d3dc7aae4425056c99371d7218a
cookie: _ga=GA1.1.512387923.1710450096
cookie: FCCDCF=%5Bnull%2Cnull%2Cnull%2C%5B%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%2C%222~~dv.2072.70.89.93.108.122.149.2223.196.2253.2299.259.2328.2331.2357.311.313.323.2373.338.358.2415.385.415.449.2506.2526.486.494.495.2567.2568.2571.2572.2575.540.574.2624.609.2677.2710.2878.2898.864.981.1029.1048.1051.1067.1095.1097.1126.3234.1201.1205.1211.1276.1301.1329.1344.1365.1415.1423.1449.1451.1516.1570.1577.1598.1616.1651.1716.1735.1753.1765.1782.1870.1878.1889.1917.1958.1985%22%2C%2297543CFB-A3D3-4954-B24F-A64ECFF1C33C%22%5D%5D
cookie: __eoi=ID=e21a8e2c9a50a3c6:T=1710450108:RT=1710450108:S=AA-Afjb5eUF17EnrnNz3_4eJKY8m
cookie: cf_chl_3=73ef8c59f4a6074
cookie: cf_clearance=5mK7OWXi2MUo2DJS4nxoinVk9Btdu5vD9zhMJLa5ACA-1710450116-1.0.1.1-cIEzYMW5.yC2lfSSLohGruhOIVLCTN9k5OFcLL6HZwZD4aZB_khHsXwqg.3wiYm5_N.7YGXRxdQHZLCvPRsOjQ
cookie: forum_experience=%2COERPemwzVmFpQT09%2C
cookie: lotame_domain_check=unknowncheats.me
cookie: panoramaId_expiry=1710536522676
cookie: _ga_WW5GLB1G9F=GS1.1.1710450095.1.1.1710450125.0.0.0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:13 GMT
content-type: application/zip; name="UnbanMe_[unknowncheats.me]_.zip";
content-length: 1866802
x-ua-compatible: IE=7
pragma: public
expires: 0
cache-control: must-revalidate, post-check=0, pre-check=0, private
content-disposition: attachment; filename="UnbanMe_[unknowncheats.me]_.zip";
content-transfer-encoding: binary
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XiiIGgmlLsnoDdWopKpF%2BzxbiVaNWjgZHLZYADxx21R3oJP7j0Yq6UGEZHC7MMYfKr8zAlSFEmXhLWe5txVQ4yXhN2ChpJhd9PpLZg720KX018%2FiC6xVZnOehqZChf6RZR1Kf%2BwC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86473413ac90b7a8-AMS
alt-svc: h3=":443"; ma=86400
DNS

68.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

68.159.190.20.in-addr.arpa

IN PTR

Response
DNS

251.12.26.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

251.12.26.104.in-addr.arpa

IN PTR

Response
DNS

13.86.106.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.86.106.20.in-addr.arpa

IN PTR

Response
DNS

240.221.184.93.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.221.184.93.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

cdn.adligature.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.adligature.com

IN A

Response

cdn.adligature.com

IN A

188.114.96.2

cdn.adligature.com

IN A

188.114.97.2
GET

https://cdn.adligature.com/ucheats/prod/rules.js

msedge.exe

Remote address:

188.114.96.2:443

Request

GET /ucheats/prod/rules.js HTTP/2.0
host: cdn.adligature.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: application/javascript
age: 393
cache-control: public, max-age=1800, s-maxage=600, must-revalidate
cf-bgj: minify
cf-polished: origSize=216209
etag: W/"3d16e6969e7ddcb7e86de70e8afb7689"
expires: Thu, 14 Mar 2024 20:56:12 GMT
last-modified: Mon, 11 Mar 2024 18:15:00 GMT
x-guploader-uploadid: ABPtcPrCO6xilmRR54i8kiWehLE9qJ9J3uJpI2FjHhQk3CyqkLvPdFxkszhRMqgzC2lIa3gvrPXgUJ3fqA
x-goog-generation: 1710180900842561
x-goog-hash: crc32c=sgi32w==
x-goog-hash: md5=PRbmlp593LfobecOivt2iQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 216209
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o8yq0mqMvXA2pzddbKMJMz%2BWxd76Cviz8hFvJLGLw7nQe8dWV0VgtzyxVsXWe886Ax0tBCIgvAegvJ7d%2BnQwjfta1%2FZd0lLi20CpfvrM5N5Rpk21pGizd1NlCakjDf1RWLGWBcA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 86473332a9376514-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://cdn.adligature.com/ucheats/prod/prebid-8.40.0.js

msedge.exe

Remote address:

188.114.96.2:443

Request

GET /ucheats/prod/prebid-8.40.0.js HTTP/2.0
host: cdn.adligature.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: application/javascript
cache-control: public, max-age=900, s-maxage=300, must-revalidate
cf-bgj: minify
cf-polished: origSize=412461
etag: W/"e78ef4b109301ffb6fe3a60b8b3a528c"
expires: Thu, 14 Mar 2024 21:04:52 GMT
last-modified: Mon, 11 Mar 2024 18:14:57 GMT
x-guploader-uploadid: ABPtcPoiBZT9PRAD95dIkCpEVOxnjWysuImX7yaSz8yxNPdw1sDU89_XMHDogdD0SNl52LtIZKw
x-goog-generation: 1710180897862424
x-goog-hash: crc32c=FXfwGQ==
x-goog-hash: md5=5470sQkwH/tv46YLizpSjA==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 412461
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ol%2ByX2Qr5833B8pIAYlzdvoCe4UdeLQR7aNitEXnHZbcmFcZNGQp8gMajHG0XIaMqXZ8R7omhpXthvmqmQ3p6dkhke76vxK8AJlaYJOOhf1wZxO%2FL2pwiosJxP%2BH7LTSJGDNP7I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 86473335ef026514-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

apps.identrust.com

msedge.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

96.17.179.205

a1952.dscq.akamai.net

IN A

96.17.179.184
DNS

apps.identrust.com

msedge.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A
DNS

2.96.114.188.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.96.114.188.in-addr.arpa

IN PTR

Response
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

msedge.exe

Remote address:

96.17.179.205:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
ETag: "37d-6079b8c0929c0"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Thu, 14 Mar 2024 22:01:36 GMT
Date: Thu, 14 Mar 2024 21:01:36 GMT
Connection: keep-alive
DNS

pro.ip-api.com

msedge.exe

Remote address:

8.8.8.8:53

Request

pro.ip-api.com

IN A

Response

pro.ip-api.com

IN A

208.95.112.2
DNS

pro.ip-api.com

msedge.exe

Remote address:

8.8.8.8:53

Request

pro.ip-api.com

IN A
DNS

232.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

232.179.250.142.in-addr.arpa

IN PTR

Response

232.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f81e100net
DNS

232.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

232.179.250.142.in-addr.arpa

IN PTR
DNS

238.16.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.16.217.172.in-addr.arpa

IN PTR

Response

238.16.217.172.in-addr.arpa

IN PTR

lhr48s28-in-f141e100net

238.16.217.172.in-addr.arpa

IN PTR

mad08s04-in-f14�I
DNS

238.16.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.16.217.172.in-addr.arpa

IN PTR
DNS

205.179.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

205.179.17.96.in-addr.arpa

IN PTR

Response

205.179.17.96.in-addr.arpa

IN PTR

a96-17-179-205deploystaticakamaitechnologiescom
DNS

205.179.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

205.179.17.96.in-addr.arpa

IN PTR
DNS

securepubads.g.doubleclick.net

msedge.exe

Remote address:

8.8.8.8:53

Request

securepubads.g.doubleclick.net

IN A

Response

securepubads.g.doubleclick.net

IN CNAME

securepubads46.g.doubleclick.net

securepubads46.g.doubleclick.net

IN A

172.217.169.34
DNS

ajax.googleapis.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.250.187.202
DNS

c.amazon-adsystem.com

msedge.exe

Remote address:

8.8.8.8:53

Request

c.amazon-adsystem.com

IN A

Response

c.amazon-adsystem.com

IN CNAME

d1ykf07e75w7ss.cloudfront.net

d1ykf07e75w7ss.cloudfront.net

IN A

13.224.223.9
GET

https://securepubads.g.doubleclick.net/tag/js/gpt.js

msedge.exe

Remote address:

172.217.169.34:443

Request

GET /tag/js/gpt.js HTTP/2.0
host: securepubads.g.doubleclick.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js

msedge.exe

Remote address:

172.217.169.34:443

Request

GET /pagead/managed/js/gpt/m202403130101/pubads_impl.js HTTP/2.0
host: securepubads.g.doubleclick.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://c.amazon-adsystem.com/aax2/apstag.js

msedge.exe

Remote address:

13.224.223.9:443

Request

GET /aax2/apstag.js HTTP/2.0
host: c.amazon-adsystem.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
last-modified: Wed, 06 Mar 2024 21:59:50 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
via: 1.1 5dcf6621f285f97fa4781de4d191d288.cloudfront.net (CloudFront), 1.1 5da47734f496c05ba90c546c024fb778.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
date: Thu, 14 Mar 2024 20:44:17 GMT
cache-control: max-age=3600
etag: W/"4f9091ca1740c69dd8d2e945b57ade3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: xnQE9V05Amdg9qYv2DYLNSTzk0DwrOclC7roip0jIXNvBSUc4dL31g==
age: 1044
GET

https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.unknowncheats.me&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8

msedge.exe

Remote address:

13.224.223.9:443

Request

GET /cdn/prod/config?src=600&u=https%3A%2F%2Fwww.unknowncheats.me&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8 HTTP/2.0
host: c.amazon-adsystem.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json;charset=UTF-8
content-length: 1894
access-control-allow-origin: https://www.unknowncheats.me
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Thu, 14 Mar 2024 16:17:26 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 5da47734f496c05ba90c546c024fb778.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: WMmM8r12mqI-w7wmE1Sh3hrPBjmKimNQxWg2m8P3DXcULA2tm2FiRQ==
age: 17053
GET

https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js

msedge.exe

Remote address:

13.224.223.9:443

Request

GET /bao-csm/aps-comm/aps_csm.js HTTP/2.0
host: c.amazon-adsystem.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
server: AmazonS3
content-encoding: gzip
date: Thu, 14 Mar 2024 08:09:03 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 5da47734f496c05ba90c546c024fb778.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: asBT61zLPtUPr5tTWeMtu5GkcozCz6-2zLA4JyXSa5-mcEW7pstFKw==
age: 70719
HEAD

https://cdn.adligature.com/

msedge.exe

Remote address:

188.114.96.2:443

Request

HEAD / HTTP/2.0
host: cdn.adligature.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:37 GMT
content-type: text/html
x-guploader-uploadid: ABPtcPpJyxqwjAKAGxasCAxEy4_Ntj5ApTAO0OsUmBwYfd2DWM5Wfml2uUUf1olKAkfsA0Z7ae8
x-goog-generation: 1516138953284078
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3
content-language: en
x-goog-hash: crc32c=1qb8Eg==
x-goog-hash: md5=02+PlCXEqAAK2cSpcYWspQ==
x-goog-storage-class: MULTI_REGIONAL
expires: Thu, 14 Mar 2024 21:57:19 GMT
cache-control: public, max-age=3600
age: 258
last-modified: Tue, 16 Jan 2018 21:42:33 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GjkHHRwMtDy5Ett9CFI1cWEGBn5pzHtojZuv7kjM9MLlgj7JuxSl%2BWfqeuBUggHP6OPEJvR9kGJQJf9xow2pidiI9dddsYHNWAm%2F9G6QZhRqgjBlCdayxfdGbWWd0RsWFhFHru8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
server: cloudflare
cf-ray: 86473337fbd2dc8b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
HEAD

https://cdn.adligature.com/

msedge.exe

Remote address:

188.114.96.2:443

Request

HEAD / HTTP/2.0
host: cdn.adligature.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:41 GMT
content-type: text/html
x-guploader-uploadid: ABPtcPpJyxqwjAKAGxasCAxEy4_Ntj5ApTAO0OsUmBwYfd2DWM5Wfml2uUUf1olKAkfsA0Z7ae8
x-goog-generation: 1516138953284078
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3
content-language: en
x-goog-hash: crc32c=1qb8Eg==
x-goog-hash: md5=02+PlCXEqAAK2cSpcYWspQ==
x-goog-storage-class: MULTI_REGIONAL
expires: Thu, 14 Mar 2024 21:57:19 GMT
cache-control: public, max-age=3600
age: 262
last-modified: Tue, 16 Jan 2018 21:42:33 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K5w5iFkwXEL%2Bwqz5f4bCeShcdljy6s3bkzPiuI6z%2Fjz%2BWyWDWsFLnvtf0uARVaVoTc9pKhiD2aV8jon0XBFbfnwfP5QKwSQQ7IzP7szScWfx22WAxaRfvRoG9vMHlcVYeJftxtQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
server: cloudflare
cf-ray: 8647334dfc23dc8b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
HEAD

https://cdn.adligature.com/

msedge.exe

Remote address:

188.114.96.2:443

Request

HEAD / HTTP/2.0
host: cdn.adligature.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:02 GMT
content-type: text/html
x-guploader-uploadid: ABPtcPpJyxqwjAKAGxasCAxEy4_Ntj5ApTAO0OsUmBwYfd2DWM5Wfml2uUUf1olKAkfsA0Z7ae8
x-goog-generation: 1516138953284078
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3
content-language: en
x-goog-hash: crc32c=1qb8Eg==
x-goog-hash: md5=02+PlCXEqAAK2cSpcYWspQ==
x-goog-storage-class: MULTI_REGIONAL
expires: Thu, 14 Mar 2024 21:57:19 GMT
cache-control: public, max-age=3600
age: 283
last-modified: Tue, 16 Jan 2018 21:42:33 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=frH%2BIdwVG9uEI7q2fvCpJ2X7lk0oIRREyWUbJ74NzOB3c1LpGC%2FW%2FL53zVFsU0rhLrf16kKKLnhqQplMoHVTSiCLWCpZMARJNmaJf1DzdWU2q7pg5H83ZqDVdwVOUlU9e98pqUM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
server: cloudflare
cf-ray: 864733d16896dc8b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
HEAD

https://cdn.adligature.com/

msedge.exe

Remote address:

188.114.96.2:443

Request

HEAD / HTTP/2.0
host: cdn.adligature.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:11 GMT
content-type: text/html
x-guploader-uploadid: ABPtcPpJyxqwjAKAGxasCAxEy4_Ntj5ApTAO0OsUmBwYfd2DWM5Wfml2uUUf1olKAkfsA0Z7ae8
x-goog-generation: 1516138953284078
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3
content-language: en
x-goog-hash: crc32c=1qb8Eg==
x-goog-hash: md5=02+PlCXEqAAK2cSpcYWspQ==
x-goog-storage-class: MULTI_REGIONAL
expires: Thu, 14 Mar 2024 21:57:19 GMT
cache-control: public, max-age=3600
age: 292
last-modified: Tue, 16 Jan 2018 21:42:33 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lPWdJdwrDCspXQD4PqTQrzEi2H8BfTSV%2FqFq%2FdHKGQCCq4JOGm6Y2UxqgZbMUmyhw8wfVtoLRlYLllX6fH4HGRcoJ33uv0sX5aRf8bnAhsJtZ2KmDr%2B0mZUFPFTUruDORbiQc6s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
server: cloudflare
cf-ray: 8647340b1a58dc8b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

msedge.exe

Remote address:

142.250.187.202:443

Request

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/2.0
host: ajax.googleapis.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region,timezone,mobile,continentCode

msedge.exe

Remote address:

208.95.112.2:443

Request

GET /json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region,timezone,mobile,continentCode HTTP/1.1
Host: pro.ip-api.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.unknowncheats.me
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.unknowncheats.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Date: Thu, 14 Mar 2024 21:01:38 GMT
Content-Length: 117
DNS

9.223.224.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.223.224.13.in-addr.arpa

IN PTR

Response

9.223.224.13.in-addr.arpa

IN PTR

server-13-224-223-9lhr61r cloudfrontnet
DNS

34.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

34.169.217.172.in-addr.arpa

IN PTR

Response

34.169.217.172.in-addr.arpa

IN PTR

lhr48s08-in-f21e100net
DNS

202.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.187.250.142.in-addr.arpa

IN PTR

Response

202.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f101e100net
DNS

2.112.95.208.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.112.95.208.in-addr.arpa

IN PTR

Response
DNS

idrs.adtelligent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

idrs.adtelligent.com

IN A

Response

idrs.adtelligent.com

IN A

62.149.0.74
DNS

us-central1-wrapper-analytics-prod.cloudfunctions.net

msedge.exe

Remote address:

8.8.8.8:53

Request

us-central1-wrapper-analytics-prod.cloudfunctions.net

IN A

Response

us-central1-wrapper-analytics-prod.cloudfunctions.net

IN A

216.239.36.54
DNS

id5-sync.com

msedge.exe

Remote address:

8.8.8.8:53

Request

id5-sync.com

IN A

Response

id5-sync.com

IN A

162.19.138.83

id5-sync.com

IN A

162.19.138.120

id5-sync.com

IN A

162.19.138.119

id5-sync.com

IN A

162.19.138.116

id5-sync.com

IN A

162.19.138.118

id5-sync.com

IN A

141.95.98.64

id5-sync.com

IN A

162.19.138.117

id5-sync.com

IN A

162.19.138.82

id5-sync.com

IN A

141.95.33.120

id5-sync.com

IN A

141.95.98.65
DNS

gum.criteo.com

msedge.exe

Remote address:

8.8.8.8:53

Request

gum.criteo.com

IN A

Response

gum.criteo.com

IN CNAME

gum.nl3.vip.prod.criteo.com

gum.nl3.vip.prod.criteo.com

IN A

178.250.1.11
DNS

id.a-mx.com

msedge.exe

Remote address:

8.8.8.8:53

Request

id.a-mx.com

IN A

Response

id.a-mx.com

IN A

79.127.227.46

id.a-mx.com

IN A

79.127.216.47
DNS

tagan.adlightning.com

msedge.exe

Remote address:

8.8.8.8:53

Request

tagan.adlightning.com

IN A

Response

tagan.adlightning.com

IN A

216.137.44.72

tagan.adlightning.com

IN A

216.137.44.76

tagan.adlightning.com

IN A

216.137.44.108

tagan.adlightning.com

IN A

216.137.44.59
DNS

fundingchoicesmessages.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

fundingchoicesmessages.google.com

IN A

Response

fundingchoicesmessages.google.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

172.217.16.238
OPTIONS

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1

msedge.exe

Remote address:

178.250.1.11:443

Request

OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1 HTTP/2.0
host: gum.criteo.com
accept: */*
access-control-request-method: GET
access-control-request-headers: content-type
origin: https://www.unknowncheats.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
date: Thu, 14 Mar 2024 21:01:40 GMT
server: Kestrel
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.unknowncheats.me
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 214773
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
GET

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1

msedge.exe

Remote address:

178.250.1.11:443

Request

GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1 HTTP/2.0
host: gum.criteo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
date: Thu, 14 Mar 2024 21:01:39 GMT
server: Kestrel
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://www.unknowncheats.me
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 244058
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
GET

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1

msedge.exe

Remote address:

178.250.1.11:443

Request

GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1 HTTP/2.0
host: gum.criteo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
date: Thu, 14 Mar 2024 21:01:41 GMT
server: Kestrel
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://www.unknowncheats.me
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 203683
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
POST

https://id5-sync.com/api/config/prebid

msedge.exe

Remote address:

162.19.138.83:443

Request

POST /api/config/prebid HTTP/2.0
host: id5-sync.com
content-length: 122
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
date: Thu, 14 Mar 2024 21:01:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
POST

https://id5-sync.com/g/v2/1102.json

msedge.exe

Remote address:

162.19.138.83:443

Request

POST /g/v2/1102.json HTTP/2.0
host: id5-sync.com
content-length: 379
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

p3p: CP="CAO PSA OUR"
set-cookie: id5=0; Max-Age=7775999; Expires=Wed, 12 Jun 2024 21:01:40 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin
access-control-allow-credentials: true
content-type: application/json
date: Thu, 14 Mar 2024 21:01:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
OPTIONS

https://us-central1-wrapper-analytics-prod.cloudfunctions.net/send_pageviews

msedge.exe

Remote address:

216.239.36.54:443

Request

OPTIONS /send_pageviews HTTP/2.0
host: us-central1-wrapper-analytics-prod.cloudfunctions.net
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type
origin: https://www.unknowncheats.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://id.a-mx.com/sync/?tagId=&ref=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&u=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest&tl=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest&nf=0&rt=true&v=8.40.0&av=2.0&vg=advpbjs&us_privacy=null&am=null&gdpr=0&gdpr_consent=

msedge.exe

Remote address:

79.127.227.46:443

Request

GET /sync/?tagId=&ref=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&u=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest&tl=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest&nf=0&rt=true&v=8.40.0&av=2.0&vg=advpbjs&us_privacy=null&am=null&gdpr=0&gdpr_consent= HTTP/1.1
Host: id.a-mx.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://www.unknowncheats.me
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.unknowncheats.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

date: Thu, 14 Mar 2024 21:01:41 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
content-type: application/json
content-length: 66
GET

https://tagan.adlightning.com/advally-mcm/op.js

msedge.exe

Remote address:

216.137.44.72:443

Request

GET /advally-mcm/op.js HTTP/2.0
host: tagan.adlightning.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 6653
last-modified: Thu, 14 Mar 2024 19:24:26 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-git_commit: 904ac2d
content-encoding: gzip
x-amz-version-id: _9P_gnGsIPvDNsK_wNto3.GRTeAfzXun
accept-ranges: bytes
server: AmazonS3
date: Thu, 14 Mar 2024 20:26:34 GMT
cache-control: max-age=3600
etag: "7c2211ebf261dcb4c69acc1a4c3b2f75"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5f684ddc3ff7bc889dac29fa9e51915a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: ots28wQo01lr7U5V-U9RDkjRKZ6YCWrHUydpv5oBaVTy8C8TOZNhPg==
age: 2108
GET

https://tagan.adlightning.com/advally-mcm/b-904ac2d-12d92d49.js

msedge.exe

Remote address:

216.137.44.72:443

Request

GET /advally-mcm/b-904ac2d-12d92d49.js HTTP/2.0
host: tagan.adlightning.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 25769
date: Mon, 12 Feb 2024 15:30:30 GMT
last-modified: Mon, 12 Feb 2024 15:30:17 GMT
etag: "c0cf3ee0d8e9c832cbeafbee996bed47"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
x-amz-meta-git_commit: 904ac2d
content-encoding: gzip
x-amz-version-id: oANubeOFy7dRhb3Ym9KiNySjuyvgUG.B
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5f684ddc3ff7bc889dac29fa9e51915a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: D8q0ix4uXqDaoN4DqJ6tbNjhUXwQEp7gAQzz-k9ymMmjd4gaugqpNg==
age: 2698272
GET

https://tagan.adlightning.com/advally-mcm/bl-258c125-fcf6aea2.js

msedge.exe

Remote address:

216.137.44.72:443

Request

GET /advally-mcm/bl-258c125-fcf6aea2.js HTTP/2.0
host: tagan.adlightning.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 35521
date: Thu, 14 Mar 2024 19:26:33 GMT
last-modified: Thu, 14 Mar 2024 19:23:59 GMT
etag: "66364083710acc713ffdecd80d4e873e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
x-amz-meta-git_commit: 258c125
content-encoding: gzip
x-amz-version-id: 1DCeTEQT4.PQaadv.FN4bBVDj2qztb25
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5f684ddc3ff7bc889dac29fa9e51915a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: Ny-bTPBcozQBn8DZMVTJawE4-nXS4h2SgElwzkM0eGbV7VLPebhPFQ==
age: 5709
DNS

config.aps.amazon-adsystem.com

msedge.exe

Remote address:

8.8.8.8:53

Request

config.aps.amazon-adsystem.com

IN A

Response

config.aps.amazon-adsystem.com

IN A

52.84.90.40

config.aps.amazon-adsystem.com

IN A

52.84.90.106

config.aps.amazon-adsystem.com

IN A

52.84.90.126

config.aps.amazon-adsystem.com

IN A

52.84.90.86
DNS

aax.amazon-adsystem.com

msedge.exe

Remote address:

8.8.8.8:53

Request

aax.amazon-adsystem.com

IN A

Response

aax.amazon-adsystem.com

IN CNAME

aax-dtb-cf.amazon-adsystem.com

aax-dtb-cf.amazon-adsystem.com

IN CNAME

aax-dtb-cf.amazon-adsystem.amazon.com

aax-dtb-cf.amazon-adsystem.amazon.com

IN CNAME

d1jvc9b8z3vcjs.cloudfront.net

d1jvc9b8z3vcjs.cloudfront.net

IN A

18.155.122.233
GET

https://config.aps.amazon-adsystem.com/configs/7e29cf92-dbd2-479a-865a-9cb3658a40f8

msedge.exe

Remote address:

52.84.90.40:443

Request

GET /configs/7e29cf92-dbd2-479a-865a-9cb3658a40f8 HTTP/2.0
host: config.aps.amazon-adsystem.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 563
server: CloudFront
date: Thu, 14 Mar 2024 20:02:59 GMT
cache-control: max-age=3600
x-cache: Hit from cloudfront
via: 1.1 b65847a7ad45381be5cfdaa6e8987064.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: Drq0o0TOOxut0maWsUkEhf5ObDe0K0jhiQ1Crt9rEw-8a8iEj-ftCQ==
age: 3521
GET

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&pid=HLKMWNq2cgL7a&cb=0&ws=1280x609&v=24.305.1002&t=1500&slots=%5B%7B%22sd%22%3A%22advally-adhesion-slot%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22Top_Leaderboard_2%22%2C%22s%22%3A%5B%22468x60%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22Skyscraper_Downloads_Page_1%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%2C%7B%22sd%22%3A%22Footer_Downloads_Page_2%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22UnknownCheats%22%2C%22domain%22%3A%22unknowncheats.me%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%22%7D%7D%7D&schain=1.0%2C1!advally.com%2CP33S16%2C1%2C%2C%2C&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A2000%7D

msedge.exe

Remote address:

18.155.122.233:443

Request

GET /e/dtb/bid?src=600&u=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&pid=HLKMWNq2cgL7a&cb=0&ws=1280x609&v=24.305.1002&t=1500&slots=%5B%7B%22sd%22%3A%22advally-adhesion-slot%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22Top_Leaderboard_2%22%2C%22s%22%3A%5B%22468x60%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22Skyscraper_Downloads_Page_1%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%2C%7B%22sd%22%3A%22Footer_Downloads_Page_2%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22UnknownCheats%22%2C%22domain%22%3A%22unknowncheats.me%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%22%7D%7D%7D&schain=1.0%2C1!advally.com%2CP33S16%2C1%2C%2C%2C&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A2000%7D HTTP/2.0
host: aax.amazon-adsystem.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript;charset=UTF-8
content-length: 23
access-control-allow-origin: https://www.unknowncheats.me
access-control-allow-credentials: true
timing-allow-origin: *
date: Thu, 14 Mar 2024 21:01:40 GMT
server: Server
x-cache: Miss from cloudfront
via: 1.1 5cb605e8100138acccc04f094724133e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P4
x-amz-cf-id: tj-FB-cNwRNOWp_twCHoVv7XZjt1RjsmHDWMb3grH-z4TrekjimqhA==
GET

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877%26act%3Ddown%26actionhash%3Dguest&pr=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&pid=Q0XBdy9BK3paU&cb=0&ws=1280x609&v=24.305.1002&t=1500&slots=%5B%7B%22sd%22%3A%22advally-adhesion-slot%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22Top_Leaderboard_2%22%2C%22s%22%3A%5B%22468x60%22%2C%22320x100%22%5D%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22UnknownCheats%22%2C%22domain%22%3A%22unknowncheats.me%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%22%7D%7D%7D&schain=1.0%2C1!advally.com%2CP33S16%2C1%2C%2C%2C&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A2000%7D

msedge.exe

Remote address:

18.155.122.233:443

Request

GET /e/dtb/bid?src=600&u=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877%26act%3Ddown%26actionhash%3Dguest&pr=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&pid=Q0XBdy9BK3paU&cb=0&ws=1280x609&v=24.305.1002&t=1500&slots=%5B%7B%22sd%22%3A%22advally-adhesion-slot%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22Top_Leaderboard_2%22%2C%22s%22%3A%5B%22468x60%22%2C%22320x100%22%5D%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22UnknownCheats%22%2C%22domain%22%3A%22unknowncheats.me%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%22%7D%7D%7D&schain=1.0%2C1!advally.com%2CP33S16%2C1%2C%2C%2C&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A2000%7D HTTP/2.0
host: aax.amazon-adsystem.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript;charset=UTF-8
content-length: 23
access-control-allow-origin: https://www.unknowncheats.me
access-control-allow-credentials: true
timing-allow-origin: *
date: Thu, 14 Mar 2024 21:01:40 GMT
server: Server
x-cache: Miss from cloudfront
via: 1.1 5cb605e8100138acccc04f094724133e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P4
x-amz-cf-id: pW_RorWIL5VxAmPlSVsoatSQw125jGGwPt9qvISD78FeYpQDmCpNYQ==
GET

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&pr=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin&pid=HNCnugxhSzCC4&cb=0&ws=1280x609&v=24.305.1002&t=1500&slots=%5B%7B%22sd%22%3A%22Footer_Downloads_Page_2%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22UnknownCheats%22%2C%22domain%22%3A%22unknowncheats.me%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%22%7D%7D%7D&schain=1.0%2C1!advally.com%2CP33S16%2C1%2C%2C%2C&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8&gdpre=1&gdprc=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

msedge.exe

Remote address:

18.155.122.233:443

Request

GET /e/dtb/bid?src=600&u=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&pr=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin&pid=HNCnugxhSzCC4&cb=0&ws=1280x609&v=24.305.1002&t=1500&slots=%5B%7B%22sd%22%3A%22Footer_Downloads_Page_2%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22UnknownCheats%22%2C%22domain%22%3A%22unknowncheats.me%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%22%7D%7D%7D&schain=1.0%2C1!advally.com%2CP33S16%2C1%2C%2C%2C&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8&gdpre=1&gdprc=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D HTTP/2.0
host: aax.amazon-adsystem.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript;charset=UTF-8
content-length: 23
access-control-allow-origin: https://www.unknowncheats.me
access-control-allow-credentials: true
timing-allow-origin: *
date: Thu, 14 Mar 2024 21:02:11 GMT
server: Server
x-cache: Miss from cloudfront
via: 1.1 5cb605e8100138acccc04f094724133e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P4
x-amz-cf-id: -o4y2i0RrHsBQScxUoY0Eq2pYs0T0CUL4Va3rdvJgoamQAmQ3FF3fw==
OPTIONS

https://idrs.adtelligent.com/get?gdpr=0&gdprConsent=

msedge.exe

Remote address:

62.149.0.74:443

Request

OPTIONS /get?gdpr=0&gdprConsent= HTTP/1.1
Host: idrs.adtelligent.com
Connection: keep-alive
Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.unknowncheats.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Sec-Fetch-Dest: empty
Referer: https://www.unknowncheats.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: VertaMedia 1.0
Date: Thu, 14 Mar 2024 21:01:40 GMT
Content-Length: 0
Access-Control-Allow-Origin: https://www.unknowncheats.me
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Methods: OPTIONS,GET,POST
Access-Control-Allow-Headers: content-type
OPTIONS

https://idrs.adtelligent.com/get?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

msedge.exe

Remote address:

62.149.0.74:443

Request

OPTIONS /get?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA HTTP/1.1
Host: idrs.adtelligent.com
Connection: keep-alive
Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.unknowncheats.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Sec-Fetch-Dest: empty
Referer: https://www.unknowncheats.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: VertaMedia 1.0
Date: Thu, 14 Mar 2024 21:02:02 GMT
Content-Length: 0
Access-Control-Allow-Origin: https://www.unknowncheats.me
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Methods: OPTIONS,GET,POST
Access-Control-Allow-Headers: content-type
DNS

6.39.156.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

6.39.156.108.in-addr.arpa

IN PTR

Response

6.39.156.108.in-addr.arpa

IN PTR

server-108-156-39-6lhr50r cloudfrontnet
DNS

54.36.239.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

54.36.239.216.in-addr.arpa

IN PTR

Response
DNS

11.1.250.178.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.1.250.178.in-addr.arpa

IN PTR

Response
DNS

72.44.137.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

72.44.137.216.in-addr.arpa

IN PTR

Response

72.44.137.216.in-addr.arpa

IN PTR

server-216-137-44-72lhr61r cloudfrontnet
DNS

46.227.127.79.in-addr.arpa

Remote address:

8.8.8.8:53

Request

46.227.127.79.in-addr.arpa

IN PTR

Response

46.227.127.79.in-addr.arpa

IN PTR

unn-79-127-227-46 datapacketcom
DNS

83.138.19.162.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.138.19.162.in-addr.arpa

IN PTR

Response

83.138.19.162.in-addr.arpa

IN PTR

ns31532338 ip-162-19-138eu
DNS

cdn.id5-sync.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.id5-sync.com

IN A

Response

cdn.id5-sync.com

IN A

104.22.52.86

cdn.id5-sync.com

IN A

172.67.38.106

cdn.id5-sync.com

IN A

104.22.53.86
DNS

cdn.hadronid.net

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.hadronid.net

IN A

Response

cdn.hadronid.net

IN A

104.22.52.173

cdn.hadronid.net

IN A

104.22.53.173

cdn.hadronid.net

IN A

172.67.36.110
DNS

tags.crwdcntrl.net

msedge.exe

Remote address:

8.8.8.8:53

Request

tags.crwdcntrl.net

IN A

Response

tags.crwdcntrl.net

IN A

18.245.143.83

tags.crwdcntrl.net

IN A

18.245.143.58

tags.crwdcntrl.net

IN A

18.245.143.100

tags.crwdcntrl.net

IN A

18.245.143.118
DNS

1.15.210.52.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

1.15.210.52.in-addr.arpa

IN PTR

Response

1.15.210.52.in-addr.arpa

IN PTR

ec2-52-210-15-1 eu-west-1compute amazonawscom
DNS

1.15.210.52.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

1.15.210.52.in-addr.arpa

IN PTR
DNS

lb.eu-1-id5-sync.com

msedge.exe

Remote address:

8.8.8.8:53

Request

lb.eu-1-id5-sync.com

IN A

Response

lb.eu-1-id5-sync.com

IN A

162.19.138.117

lb.eu-1-id5-sync.com

IN A

141.95.98.64

lb.eu-1-id5-sync.com

IN A

162.19.138.120

lb.eu-1-id5-sync.com

IN A

141.95.33.120

lb.eu-1-id5-sync.com

IN A

162.19.138.83

lb.eu-1-id5-sync.com

IN A

162.19.138.119

lb.eu-1-id5-sync.com

IN A

162.19.138.118

lb.eu-1-id5-sync.com

IN A

141.95.98.65

lb.eu-1-id5-sync.com

IN A

162.19.138.82

lb.eu-1-id5-sync.com

IN A

162.19.138.116
DNS

lb.eu-1-id5-sync.com

msedge.exe

Remote address:

8.8.8.8:53

Request

lb.eu-1-id5-sync.com

IN A

Response

lb.eu-1-id5-sync.com

IN A

162.19.138.117

lb.eu-1-id5-sync.com

IN A

141.95.98.64

lb.eu-1-id5-sync.com

IN A

162.19.138.120

lb.eu-1-id5-sync.com

IN A

141.95.33.120

lb.eu-1-id5-sync.com

IN A

162.19.138.83

lb.eu-1-id5-sync.com

IN A

162.19.138.119

lb.eu-1-id5-sync.com

IN A

162.19.138.118

lb.eu-1-id5-sync.com

IN A

141.95.98.65

lb.eu-1-id5-sync.com

IN A

162.19.138.82

lb.eu-1-id5-sync.com

IN A

162.19.138.116
GET

https://lb.eu-1-id5-sync.com/lb/v1

msedge.exe

Remote address:

162.19.138.117:443

Request

GET /lb/v1 HTTP/2.0
host: lb.eu-1-id5-sync.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin
content-type: application/json;charset=UTF-8
date: Thu, 14 Mar 2024 21:01:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://tags.crwdcntrl.net/lt/c/16576/sync.min.js

msedge.exe

Remote address:

18.245.143.83:443

Request

GET /lt/c/16576/sync.min.js HTTP/2.0
host: tags.crwdcntrl.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript
last-modified: Wed, 14 Feb 2024 17:39:34 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 14 Mar 2024 00:25:22 GMT
cache-control: public, max-age=86400
etag: W/"0f107a0e7753aa69cd07ded21852408c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8dbddccb44fea3c0ae7cceef434a136a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR5-P1
x-amz-cf-id: hF0KJfeIAZWDl_BjvFLqXOZil02bN2RJ9Kd-E5V4sJI7qSurdWHq5w==
age: 74179
GET

https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&ref=&_it=amazon&partner_id=549

msedge.exe

Remote address:

104.22.52.173:443

Request

GET /hadron.js?url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&ref=&_it=amazon&partner_id=549 HTTP/2.0
host: cdn.hadronid.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"4f8d7eccb8b77bff110a91871ebadcc0"
last-modified: Thu, 07 Mar 2024 15:57:22 GMT
x-amz-id-2: wVIO1wrs31x1jKRIz3dKPn3IKJaxmFZdB4TaOgRyJwNYeBol3+8I/Y1HD2dEOHBU8sCH74De62g=
x-amz-request-id: GPA71GZPJYF3GMCR
cf-cache-status: HIT
age: 1746
expires: Thu, 14 Mar 2024 22:01:40 GMT
cache-control: public, max-age=3600
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647334ae94db95a-AMS
content-encoding: gzip
GET

https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877%26act%3Ddown%26actionhash%3Dguest&ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&_it=amazon&partner_id=549

msedge.exe

Remote address:

104.22.52.173:443

Request

GET /hadron.js?url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877%26act%3Ddown%26actionhash%3Dguest&ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&_it=amazon&partner_id=549 HTTP/2.0
host: cdn.hadronid.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:41 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"4f8d7eccb8b77bff110a91871ebadcc0"
last-modified: Thu, 07 Mar 2024 15:57:22 GMT
x-amz-id-2: wVIO1wrs31x1jKRIz3dKPn3IKJaxmFZdB4TaOgRyJwNYeBol3+8I/Y1HD2dEOHBU8sCH74De62g=
x-amz-request-id: GPA71GZPJYF3GMCR
cf-cache-status: HIT
age: 1747
expires: Thu, 14 Mar 2024 22:01:41 GMT
cache-control: public, max-age=3600
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647334e8e04b95a-AMS
content-encoding: gzip
GET

https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin&ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin%26__cf_chl_tk%3Doys2UE5fdUVVeBheJtCWONjMeFxu0iK76eQUmIAz.Iw-1710450116-0.0.1.1-1642&_it=amazon&partner_id=549

msedge.exe

Remote address:

104.22.52.173:443

Request

GET /hadron.js?url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin&ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin%26__cf_chl_tk%3Doys2UE5fdUVVeBheJtCWONjMeFxu0iK76eQUmIAz.Iw-1710450116-0.0.1.1-1642&_it=amazon&partner_id=549 HTTP/2.0
host: cdn.hadronid.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:02 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"4f8d7eccb8b77bff110a91871ebadcc0"
last-modified: Thu, 07 Mar 2024 15:57:22 GMT
x-amz-id-2: wVIO1wrs31x1jKRIz3dKPn3IKJaxmFZdB4TaOgRyJwNYeBol3+8I/Y1HD2dEOHBU8sCH74De62g=
x-amz-request-id: GPA71GZPJYF3GMCR
cf-cache-status: HIT
age: 1750
expires: Thu, 14 Mar 2024 22:02:02 GMT
cache-control: public, max-age=3600
vary: Accept-Encoding
server: cloudflare
cf-ray: 864733d26eb7b95a-AMS
content-encoding: gzip
GET

https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin&_it=amazon&partner_id=549

msedge.exe

Remote address:

104.22.52.173:443

Request

GET /hadron.js?url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin&_it=amazon&partner_id=549 HTTP/2.0
host: cdn.hadronid.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:11 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"4f8d7eccb8b77bff110a91871ebadcc0"
last-modified: Thu, 07 Mar 2024 15:57:22 GMT
x-amz-id-2: wVIO1wrs31x1jKRIz3dKPn3IKJaxmFZdB4TaOgRyJwNYeBol3+8I/Y1HD2dEOHBU8sCH74De62g=
x-amz-request-id: GPA71GZPJYF3GMCR
cf-cache-status: HIT
age: 1748
expires: Thu, 14 Mar 2024 22:02:11 GMT
cache-control: public, max-age=3600
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647340be87bb95a-AMS
content-encoding: gzip
GET

https://cdn.id5-sync.com/api/1.0/id5-api.js

msedge.exe

Remote address:

104.22.52.86:443

Request

GET /api/1.0/id5-api.js HTTP/2.0
host: cdn.id5-sync.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:40 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: HyTlQoxqXp/Tnqb8z0RJFJETK2IB/ZgjPWGiiARJPHuosUEQMR5mrTzRuetPJmdgXq9PCCXwbgZXMO6I/m+4mw==
x-amz-request-id: G3B4P02PZ77AM1HF
last-modified: Thu, 29 Feb 2024 12:45:12 GMT
etag: W/"a6dbc54d2082e9b3a0fa778f082e665d"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 80
expires: Thu, 14 Mar 2024 22:01:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 8647334aeb257752-AMS
content-encoding: gzip
DNS

bcp.crwdcntrl.net

msedge.exe

Remote address:

8.8.8.8:53

Request

bcp.crwdcntrl.net

IN A

Response

bcp.crwdcntrl.net

IN A

54.155.211.205

bcp.crwdcntrl.net

IN A

34.252.235.9

bcp.crwdcntrl.net

IN A

54.220.33.129

bcp.crwdcntrl.net

IN A

54.72.51.53

bcp.crwdcntrl.net

IN A

54.194.222.229

bcp.crwdcntrl.net

IN A

54.72.96.86

bcp.crwdcntrl.net

IN A

52.211.239.186

bcp.crwdcntrl.net

IN A

52.31.251.249
DNS

bcp.crwdcntrl.net

msedge.exe

Remote address:

8.8.8.8:53

Request

bcp.crwdcntrl.net

IN A

Response

bcp.crwdcntrl.net

IN A

52.211.239.186

bcp.crwdcntrl.net

IN A

54.194.222.229

bcp.crwdcntrl.net

IN A

52.31.251.249

bcp.crwdcntrl.net

IN A

52.212.53.200

bcp.crwdcntrl.net

IN A

34.252.235.9

bcp.crwdcntrl.net

IN A

54.155.211.205

bcp.crwdcntrl.net

IN A

54.72.51.53

bcp.crwdcntrl.net

IN A

54.220.33.129
DNS

id.hadron.ad.gt

msedge.exe

Remote address:

8.8.8.8:53

Request

id.hadron.ad.gt

IN A

Response

id.hadron.ad.gt

IN CNAME

id.hadron.ad.gt.cdn.cloudflare.net

id.hadron.ad.gt.cdn.cloudflare.net

IN A

104.22.4.69

id.hadron.ad.gt.cdn.cloudflare.net

IN A

104.22.5.69

id.hadron.ad.gt.cdn.cloudflare.net

IN A

172.67.23.234
DNS

id.hadron.ad.gt

msedge.exe

Remote address:

8.8.8.8:53

Request

id.hadron.ad.gt

IN A

Response

id.hadron.ad.gt

IN CNAME

id.hadron.ad.gt.cdn.cloudflare.net

id.hadron.ad.gt.cdn.cloudflare.net

IN A

104.22.5.69

id.hadron.ad.gt.cdn.cloudflare.net

IN A

172.67.23.234

id.hadron.ad.gt.cdn.cloudflare.net

IN A

104.22.4.69
POST

https://bcp.crwdcntrl.net/6/map

msedge.exe

Remote address:

54.155.211.205:443

Request

POST /6/map HTTP/2.0
host: bcp.crwdcntrl.net
content-length: 108
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:41 GMT
content-type: application/json;charset=utf-8
content-length: 60
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.16.29
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
server: Jetty(9.4.38.v20210224)
POST

https://bcp.crwdcntrl.net/6/map

msedge.exe

Remote address:

54.155.211.205:443

Request

POST /6/map HTTP/2.0
host: bcp.crwdcntrl.net
content-length: 108
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:41 GMT
content-type: application/json;charset=utf-8
content-length: 60
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.10.102
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
server: Jetty(9.4.38.v20210224)
POST

https://bcp.crwdcntrl.net/6/map

msedge.exe

Remote address:

54.155.211.205:443

Request

POST /6/map HTTP/2.0
host: bcp.crwdcntrl.net
content-length: 405
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:02 GMT
content-type: application/json;charset=utf-8
content-length: 61
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.25.76
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
x-consent: absent
server: Jetty(9.4.38.v20210224)
GET

https://idrs.adtelligent.com/get?gdpr=0&gdprConsent=

msedge.exe

Remote address:

62.149.0.74:443

Request

GET /get?gdpr=0&gdprConsent= HTTP/1.1
Host: idrs.adtelligent.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
Accept: */*
Origin: https://www.unknowncheats.me
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.unknowncheats.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: VertaMedia 1.0
Date: Thu, 14 Mar 2024 21:01:41 GMT
Content-Type: application/json
Content-Length: 65
Access-Control-Allow-Origin: https://www.unknowncheats.me
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Set-Cookie: vmuid=2a46763032a2366e; expires=Wed, 15 May 2024 21:01:41 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
GET

https://idrs.adtelligent.com/get?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

msedge.exe

Remote address:

62.149.0.74:443

Request

GET /get?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA HTTP/1.1
Host: idrs.adtelligent.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
Accept: */*
Origin: https://www.unknowncheats.me
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.unknowncheats.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: vmuid=2a46763032a2366e

Response

HTTP/1.1 200 OK

Server: VertaMedia 1.0
Date: Thu, 14 Mar 2024 21:02:02 GMT
Content-Type: application/json
Content-Length: 65
Access-Control-Allow-Origin: https://www.unknowncheats.me
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Set-Cookie: vmuid=2a46763032a2366e; expires=Wed, 15 May 2024 21:02:02 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
DNS

a.nel.cloudflare.com

msedge.exe

Remote address:

8.8.8.8:53

Request

a.nel.cloudflare.com

IN A

Response

a.nel.cloudflare.com

IN A

35.190.80.1
DNS

a.nel.cloudflare.com

msedge.exe

Remote address:

8.8.8.8:53

Request

a.nel.cloudflare.com

IN A

Response

a.nel.cloudflare.com

IN A

35.190.80.1
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=CHA9wk4H%2FFiTM4yr77nS0V6Y0NsgBPntmqgwB6fZ64PYjB%2FFxBxBV1qzyc%2FbN5CMvAF3IKUNtR1m4itbVCjvb%2FJmNJ%2B6SmQf4RPRn6GqbIrPapLWKPgJ%2Bdl2kE28BopWqKai33Oz

msedge.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=CHA9wk4H%2FFiTM4yr77nS0V6Y0NsgBPntmqgwB6fZ64PYjB%2FFxBxBV1qzyc%2FbN5CMvAF3IKUNtR1m4itbVCjvb%2FJmNJ%2B6SmQf4RPRn6GqbIrPapLWKPgJ%2Bdl2kE28BopWqKai33Oz HTTP/2.0
host: a.nel.cloudflare.com
origin: https://www.unknowncheats.me
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=XiiIGgmlLsnoDdWopKpF%2BzxbiVaNWjgZHLZYADxx21R3oJP7j0Yq6UGEZHC7MMYfKr8zAlSFEmXhLWe5txVQ4yXhN2ChpJhd9PpLZg720KX018%2FiC6xVZnOehqZChf6RZR1Kf%2BwC

msedge.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=XiiIGgmlLsnoDdWopKpF%2BzxbiVaNWjgZHLZYADxx21R3oJP7j0Yq6UGEZHC7MMYfKr8zAlSFEmXhLWe5txVQ4yXhN2ChpJhd9PpLZg720KX018%2FiC6xVZnOehqZChf6RZR1Kf%2BwC HTTP/2.0
host: a.nel.cloudflare.com
origin: https://www.unknowncheats.me
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
OPTIONS

https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877

msedge.exe

Remote address:

104.22.4.69:443

Request

OPTIONS /v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877 HTTP/2.0
host: id.hadron.ad.gt
accept: */*
access-control-request-method: GET
access-control-request-headers: content-type
origin: https://www.unknowncheats.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:42 GMT
content-type: application/json
content-length: 0
expires: Fri, 14 Mar 2025 21:01:42 GMT
cache-control: max-age=31536000
cache-control: public, no-transform
debug: OPTIONS block
allow: POST, OPTIONS, GET
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 86473351380466ce-AMS
OPTIONS

https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest

msedge.exe

Remote address:

104.22.4.69:443

Request

OPTIONS /v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest HTTP/2.0
host: id.hadron.ad.gt
accept: */*
access-control-request-method: GET
access-control-request-headers: content-type
origin: https://www.unknowncheats.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:42 GMT
content-type: application/json
content-length: 0
expires: Fri, 14 Mar 2025 21:01:42 GMT
cache-control: max-age=31536000
cache-control: public, no-transform
debug: OPTIONS block
allow: POST, OPTIONS, GET
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 86473351380066ce-AMS
GET

https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest

msedge.exe

Remote address:

104.22.4.69:443

Request

GET /v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest HTTP/2.0
host: id.hadron.ad.gt
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:42 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
cache-control: private,max-age=30
debug: NON-OPTIONS
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 86473352390a66ce-AMS
content-encoding: gzip
OPTIONS

https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/login.php?do=login

msedge.exe

Remote address:

104.22.4.69:443

Request

OPTIONS /v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/login.php?do=login HTTP/2.0
host: id.hadron.ad.gt
accept: */*
access-control-request-method: GET
access-control-request-headers: content-type
origin: https://www.unknowncheats.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:02 GMT
content-type: application/json
content-length: 0
expires: Fri, 14 Mar 2025 21:02:02 GMT
cache-control: max-age=31536000
cache-control: public, no-transform
debug: OPTIONS block
allow: POST, OPTIONS, GET
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864733d38d7666ce-AMS
GET

https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/login.php?do=login

msedge.exe

Remote address:

104.22.4.69:443

Request

GET /v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/login.php?do=login HTTP/2.0
host: id.hadron.ad.gt
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:03 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
cache-control: private,max-age=30
debug: NON-OPTIONS
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864733d46e7766ce-AMS
content-encoding: gzip
OPTIONS

https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877

msedge.exe

Remote address:

104.22.4.69:443

Request

OPTIONS /v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877 HTTP/2.0
host: id.hadron.ad.gt
accept: */*
access-control-request-method: GET
access-control-request-headers: content-type
origin: https://www.unknowncheats.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:12 GMT
content-type: application/json
content-length: 0
expires: Fri, 14 Mar 2025 21:02:12 GMT
cache-control: max-age=31536000
cache-control: public, no-transform
debug: OPTIONS block
allow: POST, OPTIONS, GET
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8647340d8c9e66ce-AMS
GET

https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877

msedge.exe

Remote address:

104.22.4.69:443

Request

GET /v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877 HTTP/2.0
host: id.hadron.ad.gt
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:12 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
cache-control: private,max-age=30
debug: NON-OPTIONS
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8647340e7d9566ce-AMS
content-encoding: gzip
DNS

40.90.84.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

40.90.84.52.in-addr.arpa

IN PTR

Response

40.90.84.52.in-addr.arpa

IN PTR

server-52-84-90-40lhr62r cloudfrontnet
DNS

40.90.84.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

40.90.84.52.in-addr.arpa

IN PTR

Response

40.90.84.52.in-addr.arpa

IN PTR

server-52-84-90-40lhr62r cloudfrontnet
DNS

233.122.155.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

233.122.155.18.in-addr.arpa

IN PTR

Response

233.122.155.18.in-addr.arpa

IN PTR

server-18-155-122-233cdg52r cloudfrontnet
DNS

233.122.155.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

233.122.155.18.in-addr.arpa

IN PTR

Response

233.122.155.18.in-addr.arpa

IN PTR

server-18-155-122-233cdg52r cloudfrontnet
DNS

74.0.149.62.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.0.149.62.in-addr.arpa

IN PTR

Response

74.0.149.62.in-addr.arpa

IN PTR

0-74cc86365-03-tmpcccolocallcom
DNS

74.0.149.62.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.0.149.62.in-addr.arpa

IN PTR

Response

74.0.149.62.in-addr.arpa

IN PTR

0-74cc86365-03-tmpcccolocallcom
DNS

83.143.245.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.143.245.18.in-addr.arpa

IN PTR

Response

83.143.245.18.in-addr.arpa

IN PTR

server-18-245-143-83lhr5r cloudfrontnet
DNS

83.143.245.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.143.245.18.in-addr.arpa

IN PTR

Response

83.143.245.18.in-addr.arpa

IN PTR

server-18-245-143-83lhr5r cloudfrontnet
DNS

173.52.22.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

173.52.22.104.in-addr.arpa

IN PTR

Response
DNS

173.52.22.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

173.52.22.104.in-addr.arpa

IN PTR

Response
DNS

86.52.22.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.52.22.104.in-addr.arpa

IN PTR

Response
DNS

86.52.22.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.52.22.104.in-addr.arpa

IN PTR

Response
DNS

117.138.19.162.in-addr.arpa

Remote address:

8.8.8.8:53

Request

117.138.19.162.in-addr.arpa

IN PTR

Response

117.138.19.162.in-addr.arpa

IN PTR

ns31533568 ip-162-19-138eu
DNS

117.138.19.162.in-addr.arpa

Remote address:

8.8.8.8:53

Request

117.138.19.162.in-addr.arpa

IN PTR

Response

117.138.19.162.in-addr.arpa

IN PTR

ns31533568 ip-162-19-138eu
DNS

48e143e2b4cf63ba0296ab04ca42ed77.safeframe.googlesyndication.com

Remote address:

8.8.8.8:53

Request

48e143e2b4cf63ba0296ab04ca42ed77.safeframe.googlesyndication.com

IN A

Response

48e143e2b4cf63ba0296ab04ca42ed77.safeframe.googlesyndication.com

IN CNAME

pagead-googlehosted.l.google.com

pagead-googlehosted.l.google.com

IN A

216.58.204.65
DNS

48e143e2b4cf63ba0296ab04ca42ed77.safeframe.googlesyndication.com

Remote address:

8.8.8.8:53

Request

48e143e2b4cf63ba0296ab04ca42ed77.safeframe.googlesyndication.com

IN A
DNS

205.211.155.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

205.211.155.54.in-addr.arpa

IN PTR

Response

205.211.155.54.in-addr.arpa

IN PTR

ec2-54-155-211-205 eu-west-1compute amazonawscom
DNS

205.211.155.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

205.211.155.54.in-addr.arpa

IN PTR

Response

205.211.155.54.in-addr.arpa

IN PTR

ec2-54-155-211-205 eu-west-1compute amazonawscom
DNS

secure.adnxs.com

Remote address:

8.8.8.8:53

Request

secure.adnxs.com

IN A

Response

secure.adnxs.com

IN CNAME

g.geo.appnexusgslb.net

g.geo.appnexusgslb.net

IN CNAME

ib.anycast.adnxs.com

ib.anycast.adnxs.com

IN A

185.89.211.84

ib.anycast.adnxs.com

IN A

185.89.210.180

ib.anycast.adnxs.com

IN A

185.89.210.46

ib.anycast.adnxs.com

IN A

185.89.210.244

ib.anycast.adnxs.com

IN A

185.89.210.153

ib.anycast.adnxs.com

IN A

185.89.210.122

ib.anycast.adnxs.com

IN A

185.89.211.116

ib.anycast.adnxs.com

IN A

185.89.211.12

ib.anycast.adnxs.com

IN A

185.89.210.90

ib.anycast.adnxs.com

IN A

185.89.210.212

ib.anycast.adnxs.com

IN A

185.89.210.141

ib.anycast.adnxs.com

IN A

185.89.210.20
DNS

secure.adnxs.com

Remote address:

8.8.8.8:53

Request

secure.adnxs.com

IN A
DNS

1.80.190.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.80.190.35.in-addr.arpa

IN PTR

Response

1.80.190.35.in-addr.arpa

IN PTR

18019035bcgoogleusercontentcom
DNS

1.80.190.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.80.190.35.in-addr.arpa

IN PTR

Response

1.80.190.35.in-addr.arpa

IN PTR

18019035bcgoogleusercontentcom
DNS

69.4.22.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

69.4.22.104.in-addr.arpa

IN PTR

Response
DNS

69.4.22.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

69.4.22.104.in-addr.arpa

IN PTR

Response
DNS

a.ad.gt

msedge.exe

Remote address:

8.8.8.8:53

Request

a.ad.gt

IN A

Response

a.ad.gt

IN CNAME

a.ad.gt.cdn.cloudflare.net

a.ad.gt.cdn.cloudflare.net

IN A

104.22.5.69

a.ad.gt.cdn.cloudflare.net

IN A

104.22.4.69

a.ad.gt.cdn.cloudflare.net

IN A

172.67.23.234
DNS

a.ad.gt

msedge.exe

Remote address:

8.8.8.8:53

Request

a.ad.gt

IN A

Response

a.ad.gt

IN CNAME

a.ad.gt.cdn.cloudflare.net

a.ad.gt.cdn.cloudflare.net

IN A

104.22.5.69

a.ad.gt.cdn.cloudflare.net

IN A

172.67.23.234

a.ad.gt.cdn.cloudflare.net

IN A

104.22.4.69
GET

https://a.ad.gt/api/v1/u/matches/549?_it=amazon

msedge.exe

Remote address:

104.22.5.69:443

Request

GET /api/v1/u/matches/549?_it=amazon HTTP/2.0
host: a.ad.gt
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:42 GMT
content-type: application/javascript
cross-origin-resource-policy: cross-origin
content-encoding: gzip
last-modified: Thu, 14 Mar 2024 20:52:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 278
vary: Accept-Encoding
server: cloudflare
cf-ray: 86473354381165f2-AMS
DNS

10.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.180.250.142.in-addr.arpa

IN PTR

Response

10.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f101e100net
DNS

10.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.180.250.142.in-addr.arpa

IN PTR
DNS

227.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.179.250.142.in-addr.arpa

IN PTR

Response

227.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f31e100net
DNS

227.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.179.250.142.in-addr.arpa

IN PTR
DNS

69.5.22.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

69.5.22.104.in-addr.arpa

IN PTR

Response
DNS

69.5.22.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

69.5.22.104.in-addr.arpa

IN PTR
GET

https://48e143e2b4cf63ba0296ab04ca42ed77.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

msedge.exe

Remote address:

216.58.204.65:443

Request

GET /safeframe/1-0-40/html/container.html HTTP/2.0
host: 48e143e2b4cf63ba0296ab04ca42ed77.safeframe.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://b6351696394dffd7514614659b5d9454.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

msedge.exe

Remote address:

216.58.204.65:443

Request

GET /safeframe/1-0-40/html/container.html HTTP/2.0
host: b6351696394dffd7514614659b5d9454.safeframe.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

65.204.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

65.204.58.216.in-addr.arpa

IN PTR

Response

65.204.58.216.in-addr.arpa

IN PTR

lhr48s49-in-f11e100net

65.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f1�G

65.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f65�G
DNS

tpc.googlesyndication.com

msedge.exe

Remote address:

8.8.8.8:53

Request

tpc.googlesyndication.com

IN A

Response

tpc.googlesyndication.com

IN A

216.58.212.193
DNS

tpc.googlesyndication.com

msedge.exe

Remote address:

8.8.8.8:53

Request

tpc.googlesyndication.com

IN A

Response

tpc.googlesyndication.com

IN A

216.58.212.193
GET

https://tpc.googlesyndication.com/sodar/sodar2.js

msedge.exe

Remote address:

216.58.212.193:443

Request

GET /sodar/sodar2.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

assets.revcontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

assets.revcontent.com

IN A

Response

assets.revcontent.com

IN A

18.245.218.56

assets.revcontent.com

IN A

18.245.218.76

assets.revcontent.com

IN A

18.245.218.9

assets.revcontent.com

IN A

18.245.218.24
DNS

assets.revcontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

assets.revcontent.com

IN A

Response

assets.revcontent.com

IN A

18.245.218.56

assets.revcontent.com

IN A

18.245.218.76

assets.revcontent.com

IN A

18.245.218.9

assets.revcontent.com

IN A

18.245.218.24
GET

https://assets.revcontent.com/master/delivery.js

msedge.exe

Remote address:

18.245.218.56:443

Request

GET /master/delivery.js HTTP/2.0
host: assets.revcontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript
last-modified: Mon, 04 Mar 2024 17:42:13 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Thu, 14 Mar 2024 09:16:25 GMT
cache-control: public,max-age=60
etag: W/"f78fb757af69495be01cc9e593535027"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1014ff80261d365548482ae1130a7842.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR5-P4
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: pkkt-e-s-VacHMHfc-2KXli4Yx052O4xqoAMfRhG4MlCVF9gBXqGfQ==
age: 42325
GET

https://assets.revcontent.com/master/rtbWidget.ceec523f.delivery.js

msedge.exe

Remote address:

18.245.218.56:443

Request

GET /master/rtbWidget.ceec523f.delivery.js HTTP/2.0
host: assets.revcontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript
last-modified: Mon, 04 Mar 2024 17:42:14 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 14 Mar 2024 10:25:13 GMT
cache-control: public,max-age=60
etag: W/"fc116b2312ded108e3d690041ca03025"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1014ff80261d365548482ae1130a7842.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR5-P4
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gHaEIbNS0E-DO7eCsjHL0MeTGaYySIrcv6xf_2GS8AJdyPN0x4iEkw==
age: 38197
DNS

2.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.169.217.172.in-addr.arpa

IN PTR

Response

2.169.217.172.in-addr.arpa

IN PTR

lhr25s26-in-f21e100net
DNS

193.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

193.212.58.216.in-addr.arpa

IN PTR

Response

193.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f11e100net

193.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f193�H

193.212.58.216.in-addr.arpa

IN PTR

lhr25s27-in-f1�H
DNS

193.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

193.212.58.216.in-addr.arpa

IN PTR

Response

193.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f1931e100net

193.212.58.216.in-addr.arpa

IN PTR

lhr25s27-in-f1�J

193.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f1�J
DNS

56.218.245.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.218.245.18.in-addr.arpa

IN PTR

Response

56.218.245.18.in-addr.arpa

IN PTR

server-18-245-218-56lhr5r cloudfrontnet
DNS

ads.pubmatic.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ads.pubmatic.com

IN A

Response

ads.pubmatic.com

IN CNAME

pubmatic.edgekey.net

pubmatic.edgekey.net

IN CNAME

e6603.g.akamaiedge.net

e6603.g.akamaiedge.net

IN A

96.16.109.9
DNS

ads.pubmatic.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ads.pubmatic.com

IN A
GET

https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

msedge.exe

Remote address:

96.16.109.9:443

Request

GET /AdServer/js/pwt/160835/4933/pwt.js HTTP/2.0
host: ads.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Sat, 29 Apr 2023 00:25:40 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: application/javascript
content-length: 68444
cache-control: max-age=29224
expires: Fri, 15 Mar 2024 05:08:54 GMT
date: Thu, 14 Mar 2024 21:01:50 GMT
vary: Accept-Encoding
GET

https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162797&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

msedge.exe

Remote address:

96.16.109.9:443

Request

GET /AdServer/js/user_sync.html?kdntuid=1&p=162797&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA HTTP/2.0
host: ads.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: Apache
last-modified: Tue, 13 Feb 2024 04:57:54 GMT
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5685
content-type: text/html
cache-control: max-age=29248
expires: Fri, 15 Mar 2024 05:09:44 GMT
date: Thu, 14 Mar 2024 21:02:16 GMT
vary: Accept-Encoding
GET

https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID

msedge.exe

Remote address:

96.16.109.9:443

Request

GET /AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID HTTP/2.0
host: ads.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: Apache
last-modified: Tue, 13 Feb 2024 04:57:54 GMT
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5685
content-type: text/html
cache-control: max-age=29247
expires: Fri, 15 Mar 2024 05:09:44 GMT
date: Thu, 14 Mar 2024 21:02:17 GMT
vary: Accept-Encoding
GET

https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

msedge.exe

Remote address:

96.16.109.9:443

Request

GET /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent= HTTP/2.0
host: ads.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: Apache
last-modified: Tue, 13 Feb 2024 04:57:54 GMT
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5685
content-type: text/html
cache-control: max-age=29246
expires: Fri, 15 Mar 2024 05:09:44 GMT
date: Thu, 14 Mar 2024 21:02:18 GMT
vary: Accept-Encoding
GET

https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0

msedge.exe

Remote address:

96.16.109.9:443

Request

GET /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0 HTTP/2.0
host: ads.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: Apache
last-modified: Tue, 13 Feb 2024 04:57:54 GMT
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5685
content-type: text/html
cache-control: max-age=29245
expires: Fri, 15 Mar 2024 05:09:44 GMT
date: Thu, 14 Mar 2024 21:02:19 GMT
vary: Accept-Encoding
DNS

trends.revcontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

trends.revcontent.com

IN A

Response

trends.revcontent.com

IN A

52.31.85.16

trends.revcontent.com

IN A

63.33.0.55
DNS

trends.revcontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

trends.revcontent.com

IN A

Response

trends.revcontent.com

IN A

52.31.85.16

trends.revcontent.com

IN A

63.33.0.55
GET

https://trends.revcontent.com/api/demand/?w=272881

msedge.exe

Remote address:

52.31.85.16:443

Request

GET /api/demand/?w=272881 HTTP/2.0
host: trends.revcontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:50 GMT
content-type: application/json; charset=utf-8
content-length: 52
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin
strict-transport-security: max-age=931536000; includeSubDomains
x-envoy-upstream-service-time: 2
OPTIONS

https://yeet.revcontent.com/yeet/events/api-errors

msedge.exe

Remote address:

52.31.85.16:443

Request

OPTIONS /yeet/events/api-errors HTTP/2.0
host: yeet.revcontent.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type
origin: https://www.unknowncheats.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:50 GMT
content-length: 0
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
GET

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=272881&width=728&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877%26act%3Ddown%26actionhash%3Dguest&icr_url=&va=0&user_uuid=undefined&time=1710450109963&banner_size=728x90&up=pc&bn=chrome&bv=92&widget_width=0&style_id=0&an=false&mr=false

msedge.exe

Remote address:

52.31.85.16:443

Request

GET /api/delivery/?is_blocked=undefined&w=272881&width=728&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877%26act%3Ddown%26actionhash%3Dguest&icr_url=&va=0&user_uuid=undefined&time=1710450109963&banner_size=728x90&up=pc&bn=chrome&bv=92&widget_width=0&style_id=0&an=false&mr=false HTTP/2.0
host: trends.revcontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:01:50 GMT
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin
x-envoy-upstream-service-time: 2
POST

https://yeet.revcontent.com/yeet/events/api-errors

msedge.exe

Remote address:

52.31.85.16:443

Request

POST /yeet/events/api-errors HTTP/2.0
host: yeet.revcontent.com
content-length: 232
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:50 GMT
content-type: application/json; charset=utf-8
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin
strict-transport-security: max-age=931536000; includeSubDomains
content-encoding: gzip
x-envoy-upstream-service-time: 40
POST

https://trends.revcontent.com/event/impression

msedge.exe

Remote address:

52.31.85.16:443

Request

POST /event/impression HTTP/2.0
host: trends.revcontent.com
content-length: 2065
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:01:50 GMT
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin
strict-transport-security: max-age=931536000; includeSubDomains
x-envoy-upstream-service-time: 2
POST

https://trends.revcontent.com/event/view

msedge.exe

Remote address:

52.31.85.16:443

Request

POST /event/view HTTP/2.0
host: trends.revcontent.com
content-length: 1900
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:01:51 GMT
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin
strict-transport-security: max-age=931536000; includeSubDomains
x-envoy-upstream-service-time: 3
OPTIONS

https://yeet.revcontent.com/yeet/events/page-view

msedge.exe

Remote address:

52.31.85.16:443

Request

OPTIONS /yeet/events/page-view HTTP/2.0
host: yeet.revcontent.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type
origin: https://www.unknowncheats.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:51 GMT
content-length: 0
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
OPTIONS

https://yeet.revcontent.com/yeet/events/widget-loaded

msedge.exe

Remote address:

52.31.85.16:443

Request

OPTIONS /yeet/events/widget-loaded HTTP/2.0
host: yeet.revcontent.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type
origin: https://www.unknowncheats.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:51 GMT
content-length: 0
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
POST

https://yeet.revcontent.com/yeet/events/page-view

msedge.exe

Remote address:

52.31.85.16:443

Request

POST /yeet/events/page-view HTTP/2.0
host: yeet.revcontent.com
content-length: 218
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:01:51 GMT
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin
x-envoy-upstream-service-time: 2
POST

https://yeet.revcontent.com/yeet/events/widget-loaded

msedge.exe

Remote address:

52.31.85.16:443

Request

POST /yeet/events/widget-loaded HTTP/2.0
host: yeet.revcontent.com
content-length: 248
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:01:51 GMT
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin
x-envoy-upstream-service-time: 3
OPTIONS

https://yeet.revcontent.com/yeet/events/vcpm-event

msedge.exe

Remote address:

52.31.85.16:443

Request

OPTIONS /yeet/events/vcpm-event HTTP/2.0
host: yeet.revcontent.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type
origin: https://www.unknowncheats.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:52 GMT
content-length: 0
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
OPTIONS

https://yeet.revcontent.com/yeet/events/vcpm-event

msedge.exe

Remote address:

52.31.85.16:443

Request

OPTIONS /yeet/events/vcpm-event HTTP/2.0
host: yeet.revcontent.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type
origin: https://www.unknowncheats.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:52 GMT
content-length: 0
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
OPTIONS

https://yeet.revcontent.com/yeet/events/vcpm-event

msedge.exe

Remote address:

52.31.85.16:443

Request

OPTIONS /yeet/events/vcpm-event HTTP/2.0
host: yeet.revcontent.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type
origin: https://www.unknowncheats.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:52 GMT
content-length: 0
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
POST

https://yeet.revcontent.com/yeet/events/vcpm-event

msedge.exe

Remote address:

52.31.85.16:443

Request

POST /yeet/events/vcpm-event HTTP/2.0
host: yeet.revcontent.com
content-length: 150
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:01:52 GMT
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin
x-envoy-upstream-service-time: 2
POST

https://yeet.revcontent.com/yeet/events/vcpm-event

msedge.exe

Remote address:

52.31.85.16:443

Request

POST /yeet/events/vcpm-event HTTP/2.0
host: yeet.revcontent.com
content-length: 148
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:01:52 GMT
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin
x-envoy-upstream-service-time: 3
POST

https://yeet.revcontent.com/yeet/events/vcpm-event

msedge.exe

Remote address:

52.31.85.16:443

Request

POST /yeet/events/vcpm-event HTTP/2.0
host: yeet.revcontent.com
content-length: 149
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:01:52 GMT
server: envoy
x-rc-region: eu-west-1c
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
vary: Origin
x-envoy-upstream-service-time: 3
DNS

228.249.119.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

228.249.119.40.in-addr.arpa

IN PTR

Response
DNS

228.249.119.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

228.249.119.40.in-addr.arpa

IN PTR

Response
DNS

9.109.16.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.109.16.96.in-addr.arpa

IN PTR

Response

9.109.16.96.in-addr.arpa

IN PTR

a96-16-109-9deploystaticakamaitechnologiescom
DNS

9.109.16.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.109.16.96.in-addr.arpa

IN PTR

Response

9.109.16.96.in-addr.arpa

IN PTR

a96-16-109-9deploystaticakamaitechnologiescom
DNS

yeet.revcontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

yeet.revcontent.com

IN A

Response

yeet.revcontent.com

IN A

63.33.0.55

yeet.revcontent.com

IN A

52.31.85.16
DNS

yeet.revcontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

yeet.revcontent.com

IN A

Response

yeet.revcontent.com

IN A

52.31.85.16

yeet.revcontent.com

IN A

63.33.0.55
DNS

images.revcontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

images.revcontent.com

IN A

Response

images.revcontent.com

IN A

143.204.176.129

images.revcontent.com

IN A

143.204.176.113

images.revcontent.com

IN A

143.204.176.4

images.revcontent.com

IN A

143.204.176.97
DNS

images.revcontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

images.revcontent.com

IN A

Response

images.revcontent.com

IN A

143.204.176.129

images.revcontent.com

IN A

143.204.176.113

images.revcontent.com

IN A

143.204.176.4

images.revcontent.com

IN A

143.204.176.97
GET

https://images.revcontent.com/revcontent/image/fetch/f_webp,q_auto:eco,h_90,w_180,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/fbe6a23c385baa86e7e8c4eb80fef9d7.jpeg

msedge.exe

Remote address:

143.204.176.129:443

Request

GET /revcontent/image/fetch/f_webp,q_auto:eco,h_90,w_180,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/fbe6a23c385baa86e7e8c4eb80fef9d7.jpeg HTTP/2.0
host: images.revcontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
content-length: 1888
date: Mon, 11 Mar 2024 20:39:46 GMT
cf-ray: 862e5b0f788f5b28-IAD
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, no-transform, max-age=604800
content-disposition: inline; filename="fbe6a23c385baa86e7e8c4eb80fef9d7.webp"
etag: "3388e1fdb5879c717213067cfe5470e0"
last-modified: Fri, 01 Mar 2024 19:27:47 GMT
strict-transport-security: max-age=604800
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3bc52f7e0135d4a9f867e6a9ee5796b0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: NmaRdnlvxyTi2MEoZ6QuJQCyrtjDemy6RnFnigLOdyGi-SIklmks6g==
age: 260525
DNS

16.85.31.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

16.85.31.52.in-addr.arpa

IN PTR

Response

16.85.31.52.in-addr.arpa

IN PTR

ec2-52-31-85-16 eu-west-1compute amazonawscom
DNS

16.85.31.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

16.85.31.52.in-addr.arpa

IN PTR

Response

16.85.31.52.in-addr.arpa

IN PTR

ec2-52-31-85-16 eu-west-1compute amazonawscom
DNS

129.176.204.143.in-addr.arpa

Remote address:

8.8.8.8:53

Request

129.176.204.143.in-addr.arpa

IN PTR

Response

129.176.204.143.in-addr.arpa

IN PTR

server-143-204-176-129lhr50r cloudfrontnet
DNS

129.176.204.143.in-addr.arpa

Remote address:

8.8.8.8:53

Request

129.176.204.143.in-addr.arpa

IN PTR

Response

129.176.204.143.in-addr.arpa

IN PTR

server-143-204-176-129lhr50r cloudfrontnet
DNS

challenges.cloudflare.com

msedge.exe

Remote address:

8.8.8.8:53

Request

challenges.cloudflare.com

IN A

Response

challenges.cloudflare.com

IN A

104.17.3.184

challenges.cloudflare.com

IN A

104.17.2.184
DNS

challenges.cloudflare.com

msedge.exe

Remote address:

8.8.8.8:53

Request

challenges.cloudflare.com

IN A

Response

challenges.cloudflare.com

IN A

104.17.2.184

challenges.cloudflare.com

IN A

104.17.3.184
GET

https://challenges.cloudflare.com/turnstile/v0/b/ace796eb5511/api.js?onload=BrnBEe5&render=explicit

msedge.exe

Remote address:

104.17.3.184:443

Request

GET /turnstile/v0/b/ace796eb5511/api.js?onload=BrnBEe5&render=explicit HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://www.unknowncheats.me
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:56 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 864733ae0b81dd2b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ufdit/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

msedge.exe

Remote address:

104.17.3.184:443

Request

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ufdit/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:57 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 864733b2bd8048ce-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/cgqGdwECWZ0l%2BqhlK11yd%2Bx5hS12pvhB1sHMXO%2F%2F%2F3U%3D

msedge.exe

Remote address:

104.17.3.184:443

Request

GET /cdn-cgi/challenge-platform/h/b/cmg/1/cgqGdwECWZ0l%2BqhlK11yd%2Bx5hS12pvhB1sHMXO%2F%2F%2F3U%3D HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ufdit/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:57 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 864733b36e7148ce-LHR
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=864733b2bd8048ce

msedge.exe

Remote address:

104.17.3.184:443

Request

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=864733b2bd8048ce HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ufdit/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 864733b36e7a48ce-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/474850368:1710447254:UqJo09sxm7LB7PDl5YJvehj4Ba6iBC2fxmN1DrZ0Z5I/864733b2bd8048ce/8b8ff972ea467eb

msedge.exe

Remote address:

104.17.3.184:443

Request

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/474850368:1710447254:UqJo09sxm7LB7PDl5YJvehj4Ba6iBC2fxmN1DrZ0Z5I/864733b2bd8048ce/8b8ff972ea467eb HTTP/2.0
host: challenges.cloudflare.com
content-length: 3379
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
cf-challenge: 8b8ff972ea467eb
content-type: application/x-www-form-urlencoded
accept: */*
origin: https://challenges.cloudflare.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ufdit/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:01:58 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 3qIPV559mlhbTSPksECMYGEzAjg8208ti3Sb74x4Osd2oIDn4QomkciPJ7vBsvsU4kBwWLtFBlPutQwwe+8gpgYgCbLuZz47q0ipXAB4EQGR6cbQ8cDpPyyNCuo27tBu0TDGEwY7vLhqZTHbcsYOQyfX/dppwxnZCa0/LMirONVD3w6nExEOWaIiko+FGqly/yb/xVlarN9C2Jn/ZlRFFTO6T/xb83jxC2ImmveMwZcGipJwUC838+WIWPMjdsOKt3QQc/vKT8wczqoaj0GQavzCBaBtr6lrnz2ss6ee6uysN3KLZzK8rfGHWR/10ujqVqzg3+KQAcBTiRkU1TSw4kLDKCPHmscvOMxvkTIvrKMP55O3tPcu21nawNg7eDVYnHZdsB8VdLLLPrIN96MTwv/PyPXfAjmeM/qpTQHJoNlbRKN29rPBKu86qYmsbHIwGgQ5CE+hoSALNwZj5Xv15w==$iW2qqFA4vFLqaQO/0gadlw==
server: cloudflare
cf-ray: 864733b8bd7348ce-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/864733b2bd8048ce/1710450118578/2d3628da099cdcfa128736c0cc86f59f65da038c9a8dee2b89a3519633ce9053/ggreRUfHPEYIwkR

msedge.exe

Remote address:

104.17.3.184:443

Request

GET /cdn-cgi/challenge-platform/h/b/pat/864733b2bd8048ce/1710450118578/2d3628da099cdcfa128736c0cc86f59f65da038c9a8dee2b89a3519633ce9053/ggreRUfHPEYIwkR HTTP/2.0
host: challenges.cloudflare.com
cache-control: max-age=0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ufdit/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 401

date: Thu, 14 Mar 2024 21:01:59 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gLTYo2gmc3PoShzbAzIb1n2XaA4yaje4riaNRljPOkFMAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAjiuk7Dajfy3wVQxyB8eLJm7Mj7PS4W1wLfvnZQmpHmjQ5NJ3RrZJ07NrLOTH3EtqTVNf5QX_GCsDfSm5nasWfFKknuKqv5UHOnr69Ra7iHwfhwANLte-D8Ki4EBwGscQj3SRyk_CB2ghrFu37y6iC8OL1RoXI9hwD38IQPK_-tGS_wOGwhFuzrDRfKvkDzhJy-0H9XhDYe5xedpczAkcyWUZZCqCV-FnarpuxbX5k80KP-USymOIjQn5IR85Qobg07FNapSPEnkWkwLgSEeeaLU_Juoh-f3_k9QZmG1WbhT_cuFNeAG-RJ_NNuvwr3Kg-x5H8Gh7rog70A6qSpjoUwIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIC02KNoJnNz6Eoc2wMyG9Z9l2gOMmo3uK4mjUZYzzpBTABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAnvwKKzhhiJjOCuPblFCzFrScOkAetWT8wXJwhvhLzrhs8WFuGIZ1sIpZAn8LzGENgfSrkMKcighkUa594hx7MKzaTos03IfprvikEk9yHp6sURRBwxDKoWlGI53q84nlOkxRrfPANVDZGvv9jO__--G8qxHQKBZzows0uXBxHhHSQkyQN0maj67VnA5zHUqDHgqCQVUT8XjHD8WDIuJSUz6q5Uc2xFtgd0qCAy2ULqFNw_OSYDLXAl3kod_tBqp16ehQSQ9KXJS5_SdU6PjcleN8XW_sm7WlDYgtPGIVKPhqpKbUn1l_zu18JbW4NoFpc8gfv3WcQTz-l1E3aBz41QIDAQAB", max-age=20
server: cloudflare
cf-ray: 864733c178f648ce-LHR
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/864733b2bd8048ce/1710450118585/qY8O56Eiv5kV89w

msedge.exe

Remote address:

104.17.3.184:443

Request

GET /cdn-cgi/challenge-platform/h/b/i/864733b2bd8048ce/1710450118585/qY8O56Eiv5kV89w HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ufdit/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:00 GMT
content-type: image/png
server: cloudflare
cf-ray: 864733c3bb9848ce-LHR
alt-svc: h3=":443"; ma=86400
POST

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/474850368:1710447254:UqJo09sxm7LB7PDl5YJvehj4Ba6iBC2fxmN1DrZ0Z5I/864733b2bd8048ce/8b8ff972ea467eb

msedge.exe

Remote address:

104.17.3.184:443

Request

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/474850368:1710447254:UqJo09sxm7LB7PDl5YJvehj4Ba6iBC2fxmN1DrZ0Z5I/864733b2bd8048ce/8b8ff972ea467eb HTTP/2.0
host: challenges.cloudflare.com
content-length: 27910
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
cf-challenge: 8b8ff972ea467eb
content-type: application/x-www-form-urlencoded
accept: */*
origin: https://challenges.cloudflare.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ufdit/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:01 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: dYMMVhfnGoSZPAWx1k+eEwzcIQ6Ym6QUN8T5Ht7pkIEoAZ70+iZH+3YVLqzc9bUMbIajJVbDya+yJgMC7hqtGyrYZ59M083hcd4OZmWjP8CN8pHfItH+BK8Mr10gNTrf$kkMLQ8TAqsGm7+ErVlBdlw==
cf-chl-out-s: j0pJUam/HfitQPagWmvnaBuexRu5pg/jD2sU8nzPZOFNzghhjWAh1IHTmclT4/BhAVAvwcfILpZmUoR86vUhCbo/EUJwiGAbjj7DI0pHMsBdet+AU301gXbHUp9PgGfGmkFtCH6G31IHb4NbGBijXJISEkuL2qkqAQwqGkROYRRNTNbAlOsfIjW4ILtPgHupTevqHLrsIjUXf+VpW+R+2qxkHQyP7KZlnjtyNbtGFRjCp0AD3miC0GbGQrKQyg7y2I20qhJFhkXw1XnINdy5TJEUWtP559px9spaIHKqSXA8kNDto+pMBmFaGUzMEAvZLiA3rJzp8YWzMn4sa+d9DkDf5Ya6tf4aeXOjzycGM5SQA5I4ERM+cziJ9EaC/0zPKxlGSjf7HHtnIQBdCMmYTOnUl2qhf+l1EcYHkA36AdGd/BMKUbE9Tr+N5ict+c5wdVOiIk9lpuCPqPnDW05p0ko99QTXxW6LK5DLKt8TkkEADyiDne2XSvvbTwFC8XBKYRUCnLpaecNAj06ZtMvY5rgMPBeW8i26Uqu+8VEuSf+/OYxp1P4Q0QCWf9zNX0ooCJDPbmSyk+kUHxYO3TRloy2CS5R999ZEB+yqagbP6STAvUMNBCk/4za59eWUG8YQ0twq9VeQiCxvBsx54y5ZwQkEx6w/ebjuyc2uXkmZxrVY90D6HKTFMXWwUr20f1gX$8LKKc3kIjMtaXYyD3b1pTg==
server: cloudflare
cf-ray: 864733c7a9cb48ce-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

184.3.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

184.3.17.104.in-addr.arpa

IN PTR

Response
DNS

184.3.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

184.3.17.104.in-addr.arpa

IN PTR

Response
DNS

196.249.167.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.249.167.52.in-addr.arpa

IN PTR

Response
DNS

196.249.167.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.249.167.52.in-addr.arpa

IN PTR
OPTIONS

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1&gdprString=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

178.250.1.11:443

Request

OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1&gdprString=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/2.0
host: gum.criteo.com
accept: */*
access-control-request-method: GET
access-control-request-headers: content-type
origin: https://www.unknowncheats.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
date: Thu, 14 Mar 2024 21:02:02 GMT
server: Kestrel
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.unknowncheats.me
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 421111
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
GET

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1&gdprString=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

178.250.1.11:443

Request

GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1&gdprString=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/2.0
host: gum.criteo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
date: Thu, 14 Mar 2024 21:02:02 GMT
server: Kestrel
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://www.unknowncheats.me
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 313739
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
OPTIONS

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1&gdprString=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

178.250.1.11:443

Request

OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1&gdprString=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/2.0
host: gum.criteo.com
accept: */*
access-control-request-method: GET
access-control-request-headers: content-type
origin: https://www.unknowncheats.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
date: Thu, 14 Mar 2024 21:02:11 GMT
server: Kestrel
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.unknowncheats.me
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 252803
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
GET

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1&gdprString=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

178.250.1.11:443

Request

GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1&gdprString=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/2.0
host: gum.criteo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
date: Thu, 14 Mar 2024 21:02:11 GMT
server: Kestrel
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://www.unknowncheats.me
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 286676
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
GET

https://id.a-mx.com/sync/?tagId=&ref=https://www.unknowncheats.me/forum/login.php?do=login&__cf_chl_tk=oys2UE5fdUVVeBheJtCWONjMeFxu0iK76eQUmIAz.Iw-1710450116-0.0.1.1-1642&u=https://www.unknowncheats.me/forum/login.php?do=login&tl=https://www.unknowncheats.me/forum/login.php?do=login&nf=0&rt=true&v=8.40.0&av=2.0&vg=advpbjs&us_privacy=null&am=null&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

msedge.exe

Remote address:

79.127.227.46:443

Request

GET /sync/?tagId=&ref=https://www.unknowncheats.me/forum/login.php?do=login&__cf_chl_tk=oys2UE5fdUVVeBheJtCWONjMeFxu0iK76eQUmIAz.Iw-1710450116-0.0.1.1-1642&u=https://www.unknowncheats.me/forum/login.php?do=login&tl=https://www.unknowncheats.me/forum/login.php?do=login&nf=0&rt=true&v=8.40.0&av=2.0&vg=advpbjs&us_privacy=null&am=null&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA HTTP/1.1
Host: id.a-mx.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://www.unknowncheats.me
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.unknowncheats.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

date: Thu, 14 Mar 2024 21:02:02 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
content-type: application/json
content-length: 66
DNS

86.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.23.85.13.in-addr.arpa

IN PTR

Response
DNS

86.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.23.85.13.in-addr.arpa

IN PTR

Response
DNS

154.239.44.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.239.44.20.in-addr.arpa

IN PTR

Response
DNS

154.239.44.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.239.44.20.in-addr.arpa

IN PTR
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR
DNS

134.71.91.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.71.91.104.in-addr.arpa

IN PTR

Response

134.71.91.104.in-addr.arpa

IN PTR

a104-91-71-134deploystaticakamaitechnologiescom
DNS

rtid.tapad.com

msedge.exe

Remote address:

8.8.8.8:53

Request

rtid.tapad.com

IN A

Response

rtid.tapad.com

IN A

35.244.252.209
DNS

rtid.tapad.com

msedge.exe

Remote address:

8.8.8.8:53

Request

rtid.tapad.com

IN A

Response

rtid.tapad.com

IN A

35.244.252.209
OPTIONS

https://rtid.tapad.com/acc/MX7zwKYH0e/ids?gdpr=true&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

msedge.exe

Remote address:

35.244.252.209:443

Request

OPTIONS /acc/MX7zwKYH0e/ids?gdpr=true&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA HTTP/2.0
host: rtid.tapad.com
accept: */*
access-control-request-method: GET
access-control-request-headers: content-type
origin: https://www.unknowncheats.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://rtid.tapad.com/acc/MX7zwKYH0e/ids?gdpr=true&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

msedge.exe

Remote address:

35.244.252.209:443

Request

GET /acc/MX7zwKYH0e/ids?gdpr=true&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA HTTP/2.0
host: rtid.tapad.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

ib.adnxs-simple.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ib.adnxs-simple.com

IN A

Response

ib.adnxs-simple.com

IN CNAME

fra1-ib.adnxs-simple.com

fra1-ib.adnxs-simple.com

IN CNAME

fra1-ib.adnxs.com

fra1-ib.adnxs.com

IN A

37.252.171.21

fra1-ib.adnxs.com

IN A

37.252.173.215

fra1-ib.adnxs.com

IN A

37.252.171.52

fra1-ib.adnxs.com

IN A

37.252.171.53

fra1-ib.adnxs.com

IN A

37.252.171.85

fra1-ib.adnxs.com

IN A

37.252.171.149

fra1-ib.adnxs.com

IN A

37.252.172.123
DNS

ib.adnxs-simple.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ib.adnxs-simple.com

IN A

Response

ib.adnxs-simple.com

IN CNAME

ams3-ib.adnxs-simple.com

ams3-ib.adnxs-simple.com

IN CNAME

ams3-ib.adnxs.com

ams3-ib.adnxs.com

IN A

185.89.210.180

ams3-ib.adnxs.com

IN A

185.89.210.90

ams3-ib.adnxs.com

IN A

185.89.210.141

ams3-ib.adnxs.com

IN A

185.89.211.84

ams3-ib.adnxs.com

IN A

185.89.210.212

ams3-ib.adnxs.com

IN A

185.89.210.244

ams3-ib.adnxs.com

IN A

185.89.210.122

ams3-ib.adnxs.com

IN A

185.89.210.82

ams3-ib.adnxs.com

IN A

185.89.211.12

ams3-ib.adnxs.com

IN A

185.89.210.153

ams3-ib.adnxs.com

IN A

185.89.210.20

ams3-ib.adnxs.com

IN A

185.89.210.46
DNS

hbopenbid.pubmatic.com

msedge.exe

Remote address:

8.8.8.8:53

Request

hbopenbid.pubmatic.com

IN A

Response

hbopenbid.pubmatic.com

IN CNAME

hbprebid-v3.pubmnet.com

hbprebid-v3.pubmnet.com

IN CNAME

hbopenbid-lhrc.pubmnet.com

hbopenbid-lhrc.pubmnet.com

IN A

185.64.190.77
DNS

hbopenbid.pubmatic.com

msedge.exe

Remote address:

8.8.8.8:53

Request

hbopenbid.pubmatic.com

IN A

Response

hbopenbid.pubmatic.com

IN CNAME

hbprebid-v3.pubmnet.com

hbprebid-v3.pubmnet.com

IN CNAME

hbopenbid-ams.pubmnet.com

hbopenbid-ams.pubmnet.com

IN A

185.64.189.112
DNS

web.hb.ad.cpe.dotomi.com

msedge.exe

Remote address:

8.8.8.8:53

Request

web.hb.ad.cpe.dotomi.com

IN A

Response

web.hb.ad.cpe.dotomi.com

IN CNAME

convex-rr.global.dual.dotomi.weighted.com.akadns.net

convex-rr.global.dual.dotomi.weighted.com.akadns.net

IN A

63.215.202.146

convex-rr.global.dual.dotomi.weighted.com.akadns.net

IN A

89.207.16.210

convex-rr.global.dual.dotomi.weighted.com.akadns.net

IN A

64.158.223.146

convex-rr.global.dual.dotomi.weighted.com.akadns.net

IN A

63.215.202.178

convex-rr.global.dual.dotomi.weighted.com.akadns.net

IN A

89.207.16.146
DNS

ads.servenobid.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ads.servenobid.com

IN A

Response

ads.servenobid.com

IN A

54.246.136.8

ads.servenobid.com

IN A

54.228.145.228

ads.servenobid.com

IN A

52.17.202.104

ads.servenobid.com

IN A

52.16.111.73

ads.servenobid.com

IN A

54.216.191.62

ads.servenobid.com

IN A

34.253.37.220
DNS

ads.servenobid.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ads.servenobid.com

IN A

Response

ads.servenobid.com

IN A

34.253.37.220

ads.servenobid.com

IN A

54.228.145.228

ads.servenobid.com

IN A

52.16.111.73

ads.servenobid.com

IN A

52.17.202.104

ads.servenobid.com

IN A

54.246.136.8

ads.servenobid.com

IN A

54.216.191.62
DNS

prebid.media.net

msedge.exe

Remote address:

8.8.8.8:53

Request

prebid.media.net

IN A

Response

prebid.media.net

IN A

34.120.63.153
DNS

prebid.media.net

msedge.exe

Remote address:

8.8.8.8:53

Request

prebid.media.net

IN A

Response

prebid.media.net

IN A

34.120.63.153
DNS

cpm.qortex.ai

msedge.exe

Remote address:

8.8.8.8:53

Request

cpm.qortex.ai

IN A

Response

cpm.qortex.ai

IN CNAME

catapultx.cpm.ak-is2.net

catapultx.cpm.ak-is2.net

IN CNAME

1.cpm.ak-is2.net

1.cpm.ak-is2.net

IN A

77.245.57.72
DNS

ads.betweendigital.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ads.betweendigital.com

IN A

Response

ads.betweendigital.com

IN CNAME

ssp.ads.betweendigital.com

ssp.ads.betweendigital.com

IN A

188.42.189.197

ssp.ads.betweendigital.com

IN A

188.42.34.65

ssp.ads.betweendigital.com

IN A

188.42.189.231

ssp.ads.betweendigital.com

IN A

188.42.196.115

ssp.ads.betweendigital.com

IN A

188.42.34.64

ssp.ads.betweendigital.com

IN A

188.42.191.196
DNS

ads.betweendigital.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ads.betweendigital.com

IN A

Response

ads.betweendigital.com

IN CNAME

ssp.ads.betweendigital.com

ssp.ads.betweendigital.com

IN A

188.42.34.65

ssp.ads.betweendigital.com

IN A

188.42.189.197

ssp.ads.betweendigital.com

IN A

188.42.189.231

ssp.ads.betweendigital.com

IN A

188.42.196.115

ssp.ads.betweendigital.com

IN A

188.42.34.64

ssp.ads.betweendigital.com

IN A

188.42.191.196
DNS

prebid.dblks.net

msedge.exe

Remote address:

8.8.8.8:53

Request

prebid.dblks.net

IN A

Response

prebid.dblks.net

IN A

199.212.255.178

prebid.dblks.net

IN A

199.212.255.179
DNS

fastlane.rubiconproject.com

msedge.exe

Remote address:

8.8.8.8:53

Request

fastlane.rubiconproject.com

IN A

Response

fastlane.rubiconproject.com

IN CNAME

tagged-by.rubiconproject.net.akadns.net

tagged-by.rubiconproject.net.akadns.net

IN A

213.19.162.21
DNS

fastlane.rubiconproject.com

msedge.exe

Remote address:

8.8.8.8:53

Request

fastlane.rubiconproject.com

IN A

Response

fastlane.rubiconproject.com

IN CNAME

tagged-by.rubiconproject.net.akadns.net

tagged-by.rubiconproject.net.akadns.net

IN A

213.19.162.21
DNS

apex.go.sonobi.com

msedge.exe

Remote address:

8.8.8.8:53

Request

apex.go.sonobi.com

IN A

Response

apex.go.sonobi.com

IN CNAME

iad-2-apex.go.sonobi.com

iad-2-apex.go.sonobi.com

IN A

69.166.1.8

iad-2-apex.go.sonobi.com

IN A

69.166.1.9

iad-2-apex.go.sonobi.com

IN A

69.166.1.32

iad-2-apex.go.sonobi.com

IN A

69.166.1.64
DNS

apex.go.sonobi.com

msedge.exe

Remote address:

8.8.8.8:53

Request

apex.go.sonobi.com

IN A

Response

apex.go.sonobi.com

IN CNAME

iad-2-apex.go.sonobi.com

iad-2-apex.go.sonobi.com

IN A

69.166.1.8

iad-2-apex.go.sonobi.com

IN A

69.166.1.9

iad-2-apex.go.sonobi.com

IN A

69.166.1.32

iad-2-apex.go.sonobi.com

IN A

69.166.1.64
POST

https://hbopenbid.pubmatic.com/translator?source=prebid-client

msedge.exe

Remote address:

185.64.190.77:443

Request

POST /translator?source=prebid-client HTTP/2.0
host: hbopenbid.pubmatic.com
content-length: 2715
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
cache-control: no-cache, no-store, must-revalidate
date: Thu, 14 Mar 2024 21:02:14 GMT
POST

https://ib.adnxs-simple.com/ut/v3/prebid

msedge.exe

Remote address:

37.252.171.21:443

Request

POST /ut/v3/prebid HTTP/2.0
host: ib.adnxs-simple.com
content-length: 2437
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:12 GMT
content-type: application/json; charset=utf-8
content-length: 138
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid: 251f7c0c-af73-4fa9-9a32-f7b262148e9f
x-proxy-origin: 89.149.23.59; 89.149.23.59; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs-simple.com
POST

https://prebid.dblks.net/openrtb/?sid=2726059

msedge.exe

Remote address:

199.212.255.178:443

Request

POST /openrtb/?sid=2726059 HTTP/2.0
host: prebid.dblks.net
content-length: 7004
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.20.1
date: Thu, 14 Mar 2024 21:01:59 GMT
content-type: application/json; charset=utf-8
content-length: 160
x-powered-by: Express
cache-control: max-age=0, no-cache, no-store, private
x-openrtb-version: 2.5
etag: W/"a0-YEfOQqxh6YplwpOyt6TX5v8zD1I"
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
POST

https://cpm.qortex.ai/hb?zone=209763&v=1.6

msedge.exe

Remote address:

77.245.57.72:443

Request

POST /hb?zone=209763&v=1.6 HTTP/1.1
Host: cpm.qortex.ai
Connection: keep-alive
Content-Length: 2203
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://www.unknowncheats.me
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.unknowncheats.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 204 No Content

Server: nginx
Date: Thu, 14 Mar 2024 21:02:12 GMT
Content-Length: 0
Connection: close
Access-Control-Allow-Origin: https://www.unknowncheats.me
Cache-Control: no-store
Access-Control-Allow-Credentials: true
POST

https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25

msedge.exe

Remote address:

63.215.202.146:443

Request

POST /cvx/client/hb/ortb/25 HTTP/2.0
host: web.hb.ad.cpe.dotomi.com
content-length: 3041
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:02:12 GMT
cache-control: no-cache
access-control-allow-origin: https://www.unknowncheats.me
access-control-allow-credentials: true
pragma: no-cache
expires: 0
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
POST

https://ads.servenobid.com/adreq?cb=8573

msedge.exe

Remote address:

54.246.136.8:443

Request

POST /adreq?cb=8573 HTTP/2.0
host: ads.servenobid.com
content-length: 2687
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:12 GMT
content-type: application/json
access-control-allow-origin: https://www.unknowncheats.me
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
vary: accept-encoding
content-encoding: gzip
POST

https://prebid.media.net/rtb/prebid?cid=8CU658616

msedge.exe

Remote address:

34.120.63.153:443

Request

POST /rtb/prebid?cid=8CU658616 HTTP/2.0
host: prebid.media.net
content-length: 3293
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://ads.betweendigital.com/adjson?t=prebid

msedge.exe

Remote address:

188.42.189.197:443

Request

POST /adjson?t=prebid HTTP/2.0
host: ads.betweendigital.com
content-length: 1206
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://www.unknowncheats.me
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 14 Mar 2025 21:02:12 GMT; Path=/; Domain=.betweendigital.com
set-cookie: unm=1; Max-Age=31536000; Expires=Fri, 14 Mar 2025 21:02:12 GMT; Path=/; Domain=.betweendigital.com
vary: Accept-Encoding
content-encoding: gzip
GET

https://ads.betweendigital.com/sspmatch-iframe

msedge.exe

Remote address:

188.42.189.197:443

Request

GET /sspmatch-iframe HTTP/2.0
host: ads.betweendigital.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

location: /sspmatch-iframe?crf=1&rts=-381177966890668688
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 14 Mar 2025 21:02:16 GMT; Path=/; Domain=.betweendigital.com
set-cookie: tuuid=0fa2ef7e-c420-524b-8696-cca3e365a97b; Max-Age=31536000; Expires=Fri, 14 Mar 2025 21:02:16 GMT; Path=/; Domain=.betweendigital.com
set-cookie: ut=ZfNl2AAH70DvD0NfZ2Y12aHG46GSTx26cIWddw==; Max-Age=31536000; Expires=Fri, 14 Mar 2025 21:02:16 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
GET

https://ads.betweendigital.com/sspmatch-iframe?crf=1&rts=-381177966890668688

msedge.exe

Remote address:

188.42.189.197:443

Request

GET /sspmatch-iframe?crf=1&rts=-381177966890668688 HTTP/2.0
host: ads.betweendigital.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 14 Mar 2025 21:02:16 GMT; Path=/; Domain=.betweendigital.com
set-cookie: tuuid=a668077b-5b23-524b-8916-dc76ece5b9ae; Max-Age=31536000; Expires=Fri, 14 Mar 2025 21:02:16 GMT; Path=/; Domain=.betweendigital.com
set-cookie: ut=ZfNl2AAMUFiVCQBiQj9J-aQJJ3OdvTsZsmu1sg==; Max-Age=31536000; Expires=Fri, 14 Mar 2025 21:02:16 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
GET

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22870c3a7186680b%22%3A%2285c026675607aed667b1%7C728x90%7Cgpid%3D%2F22812648954%2Funknowncheats.me%2FFooter_lb2_Downloads%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&s=13e734f1-9f28-47d4-8ff5-7d3a2c2a4b16&pv=0bf1d184-ed13-4f1d-871a-1d380485851f&vp=desktop&lib_name=prebid&lib_v=8.40.0&us=5&iqid=%7B%22pcid%22%3A%221e874c0b-6307-488f-8a58-c248090dc017%22%2C%22pcidDate%22%3A1710450131124%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22c2bff51b-e6df-493f-bf2b-365f326c4b64%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22unknowncheats.me%22%2C%22keywords%22%3A%22cheats%2Chacks%2Cgamehack%2Cgamecheat%2Cgamehacking%2Cgamecheating%2Cgamehacker%2Chacktool%2Ccheattool%2Chackdownload%2Ccheatdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamecheattool%2Cgamehacktool%2Cgamecheatdownload%2Chackdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamehackingwiki%2Cgamecheatingwiki%2Chackinjector%2Ccheatinjector%2Cfreegamehacks%2Cfreegamecheats%2Cundetectedhack%2Cundetectedcheat%2Chackcoding%2Ccheatcoding%2Caimbot%2Cesp%2Cwallhack%2Cchams%2Csourcecode%2Cbypass%2Cdirect3d%2Cbypass%2Canticheatbypass%22%2C%22publisher%22%3A%7B%22domain%22%3A%22unknowncheats.me%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin%22%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22ext%22%3A%7B%22segtax%22%3A7%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1280%2C%22h%22%3A609%2C%22dnt%22%3A1%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.131%20Safari%2F537.36%20Edg%2F92.0.902.67%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%2292%22%5D%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%5B%2299%22%5D%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%5B%2292%22%5D%7D%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=true&consent_string=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22advally.com%22%2C%22sid%22%3A%22P33S16%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22adtelligent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227zHQ7jeVj9jjZ-C5BNWs-8whLHNGyMrti2y7yDYkq1qbeJM4fJi91RMm%22%2C%22atype%22%3A3%7D%5D%7D%2C%7B%22source%22%3A%22amxdt.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22amx*r*8ecfb281-e68c-43a9-aa77-cf301426b0c9%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%2C%22pba%22%3A%221j5f%2BSXyi5GodUdkxlOnLw%3D%3D%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cedc501d-871a-4e4d-85de-d6e12f4b1f0f%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=cheats%2Chacks%2Cgamehack%2Cgamecheat%2Cgamehacking%2Cgamecheating%2Cgamehacker%2Chacktool%2Ccheattool%2Chackdownload%2Ccheatdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamecheattool%2Cgamehacktool%2Cgamecheatdownload%2Cgamehackingwiki%2Cgamecheatingwiki%2Chackinjector%2Ccheatinjector%2Cfreegamehacks%2Cfreegamecheats%2Cundetectedhack%2Cundetectedcheat%2Chackcoding%2Ccheatcoding%2Caimbot%2Cesp%2Cwallhack%2Cchams%2Csourcecode%2Cbypass%2Cdirect3d%2Canticheatbypass&coppa=0

msedge.exe

Remote address:

69.166.1.8:443

Request

GET /trinity.json?key_maker=%7B%22870c3a7186680b%22%3A%2285c026675607aed667b1%7C728x90%7Cgpid%3D%2F22812648954%2Funknowncheats.me%2FFooter_lb2_Downloads%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&s=13e734f1-9f28-47d4-8ff5-7d3a2c2a4b16&pv=0bf1d184-ed13-4f1d-871a-1d380485851f&vp=desktop&lib_name=prebid&lib_v=8.40.0&us=5&iqid=%7B%22pcid%22%3A%221e874c0b-6307-488f-8a58-c248090dc017%22%2C%22pcidDate%22%3A1710450131124%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22c2bff51b-e6df-493f-bf2b-365f326c4b64%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22unknowncheats.me%22%2C%22keywords%22%3A%22cheats%2Chacks%2Cgamehack%2Cgamecheat%2Cgamehacking%2Cgamecheating%2Cgamehacker%2Chacktool%2Ccheattool%2Chackdownload%2Ccheatdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamecheattool%2Cgamehacktool%2Cgamecheatdownload%2Chackdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamehackingwiki%2Cgamecheatingwiki%2Chackinjector%2Ccheatinjector%2Cfreegamehacks%2Cfreegamecheats%2Cundetectedhack%2Cundetectedcheat%2Chackcoding%2Ccheatcoding%2Caimbot%2Cesp%2Cwallhack%2Cchams%2Csourcecode%2Cbypass%2Cdirect3d%2Cbypass%2Canticheatbypass%22%2C%22publisher%22%3A%7B%22domain%22%3A%22unknowncheats.me%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin%22%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22ext%22%3A%7B%22segtax%22%3A7%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1280%2C%22h%22%3A609%2C%22dnt%22%3A1%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.131%20Safari%2F537.36%20Edg%2F92.0.902.67%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%2292%22%5D%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%5B%2299%22%5D%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%5B%2292%22%5D%7D%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=true&consent_string=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22advally.com%22%2C%22sid%22%3A%22P33S16%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22adtelligent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227zHQ7jeVj9jjZ-C5BNWs-8whLHNGyMrti2y7yDYkq1qbeJM4fJi91RMm%22%2C%22atype%22%3A3%7D%5D%7D%2C%7B%22source%22%3A%22amxdt.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22amx*r*8ecfb281-e68c-43a9-aa77-cf301426b0c9%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%2C%22pba%22%3A%221j5f%2BSXyi5GodUdkxlOnLw%3D%3D%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cedc501d-871a-4e4d-85de-d6e12f4b1f0f%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=cheats%2Chacks%2Cgamehack%2Cgamecheat%2Cgamehacking%2Cgamecheating%2Cgamehacker%2Chacktool%2Ccheattool%2Chackdownload%2Ccheatdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamecheattool%2Cgamehacktool%2Cgamecheatdownload%2Cgamehackingwiki%2Cgamecheatingwiki%2Chackinjector%2Ccheatinjector%2Cfreegamehacks%2Cfreegamecheats%2Cundetectedhack%2Cundetectedcheat%2Chackcoding%2Ccheatcoding%2Caimbot%2Cesp%2Cwallhack%2Cchams%2Csourcecode%2Cbypass%2Cdirect3d%2Canticheatbypass&coppa=0 HTTP/2.0
host: apex.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:12 GMT
content-type: application/json
content-length: 337
content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-202
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
set-cookie: __uis=bb66c8c9-bd34-434a-9085-569f778050e4; expires=Sat, 13 Apr 2024 21:02:11 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None
set-cookie: _usd_unknowncheats.me=0bf1d184-ed13-4f1d-871a-1d380485851f; expires=Fri, 15 Mar 2024 21:02:11 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None
set-cookie: __uih=1; expires=Thu, 14 Mar 2024 21:07:11 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None
set-cookie: HAPLB8G=s86202|ZfNl1; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18852&site_id=208940&zone_id=1028022&size_id=2&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&rp_schain=1.0,1!advally.com,P33S16,1,,,&eid_adtelligent.com=7zHQ7jeVj9jjZ-C5BNWs-8whLHNGyMrti2y7yDYkq1qbeJM4fJi91RMm%5E3&eid_amxdt.net=amx*r*8ecfb281-e68c-43a9-aa77-cf301426b0c9%5E1&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=cedc501d-871a-4e4d-85de-d6e12f4b1f0f%5E1&rf=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&kw=cheats%2Chacks%2Cgamehack%2Cgamecheat%2Cgamehacking%2Cgamecheating%2Cgamehacker%2Chacktool%2Ccheattool%2Chackdownload%2Ccheatdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamecheattool%2Cgamehacktool%2Cgamecheatdownload%2Chackdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamehackingwiki%2Cgamecheatingwiki%2Chackinjector%2Ccheatinjector%2Cfreegamehacks%2Cfreegamecheats%2Cundetectedhack%2Cundetectedcheat%2Chackcoding%2Ccheatcoding%2Caimbot%2Cesp%2Cwallhack%2Cchams%2Csourcecode%2Cbypass%2Cdirect3d%2Cbypass%2Canticheatbypass&tg_i.domain=unknowncheats.me&tg_i.page=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&tg_i.ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin&tg_i.pbadslot=%2F22812648954%2Funknowncheats.me%2FFooter_lb2_Downloads&tk_flint=pbjs_lite_v8.40.0&x_source.tid=c2bff51b-e6df-493f-bf2b-365f326c4b64&l_pb_bid_id=67b85310ec263d&p_screen_res=1280x720&rp_secure=1&x_imp.ext.tid=194c324b-8dbe-4e23-a404-71647d8a7cbe&rp_maxbids=1&p_gpid=%2F22812648954%2Funknowncheats.me%2FFooter_lb2_Downloads&m_ch_ua=%22Chromium%22%7Cv%3D%2292%22%2C%22%20Not%20A%3BBrand%22%7Cv%3D%2299%22%2C%22Microsoft%20Edge%22%7Cv%3D%2292%22&m_ch_full_ver=%22Chromium%22%7Cv%3D%2292%22%2C%22%20Not%20A%3BBrand%22%7Cv%3D%2299%22%2C%22Microsoft%20Edge%22%7Cv%3D%2292%22&m_ch_mobile=%3F0&slots=1&rand=0.8980015469693352

msedge.exe

Remote address:

213.19.162.21:443

Request

GET /a/api/fastlane.json?account_id=18852&site_id=208940&zone_id=1028022&size_id=2&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&rp_schain=1.0,1!advally.com,P33S16,1,,,&eid_adtelligent.com=7zHQ7jeVj9jjZ-C5BNWs-8whLHNGyMrti2y7yDYkq1qbeJM4fJi91RMm%5E3&eid_amxdt.net=amx*r*8ecfb281-e68c-43a9-aa77-cf301426b0c9%5E1&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=cedc501d-871a-4e4d-85de-d6e12f4b1f0f%5E1&rf=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&kw=cheats%2Chacks%2Cgamehack%2Cgamecheat%2Cgamehacking%2Cgamecheating%2Cgamehacker%2Chacktool%2Ccheattool%2Chackdownload%2Ccheatdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamecheattool%2Cgamehacktool%2Cgamecheatdownload%2Chackdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamehackingwiki%2Cgamecheatingwiki%2Chackinjector%2Ccheatinjector%2Cfreegamehacks%2Cfreegamecheats%2Cundetectedhack%2Cundetectedcheat%2Chackcoding%2Ccheatcoding%2Caimbot%2Cesp%2Cwallhack%2Cchams%2Csourcecode%2Cbypass%2Cdirect3d%2Cbypass%2Canticheatbypass&tg_i.domain=unknowncheats.me&tg_i.page=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&tg_i.ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin&tg_i.pbadslot=%2F22812648954%2Funknowncheats.me%2FFooter_lb2_Downloads&tk_flint=pbjs_lite_v8.40.0&x_source.tid=c2bff51b-e6df-493f-bf2b-365f326c4b64&l_pb_bid_id=67b85310ec263d&p_screen_res=1280x720&rp_secure=1&x_imp.ext.tid=194c324b-8dbe-4e23-a404-71647d8a7cbe&rp_maxbids=1&p_gpid=%2F22812648954%2Funknowncheats.me%2FFooter_lb2_Downloads&m_ch_ua=%22Chromium%22%7Cv%3D%2292%22%2C%22%20Not%20A%3BBrand%22%7Cv%3D%2299%22%2C%22Microsoft%20Edge%22%7Cv%3D%2292%22&m_ch_full_ver=%22Chromium%22%7Cv%3D%2292%22%2C%22%20Not%20A%3BBrand%22%7Cv%3D%2299%22%2C%22Microsoft%20Edge%22%7Cv%3D%2292%22&m_ch_mobile=%3F0&slots=1&rand=0.8980015469693352 HTTP/2.0
host: fastlane.rubiconproject.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://www.unknowncheats.me
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.21.4
date: Thu, 14 Mar 2024 21:02:13 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.unknowncheats.me
pragma: no-cache
vary: Accept-Encoding
content-length: 482
DNS

209.252.244.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.252.244.35.in-addr.arpa

IN PTR

Response

209.252.244.35.in-addr.arpa

IN PTR

20925224435bcgoogleusercontentcom
DNS

209.252.244.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.252.244.35.in-addr.arpa

IN PTR

Response

209.252.244.35.in-addr.arpa

IN PTR

20925224435bcgoogleusercontentcom
DNS

77.190.64.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

77.190.64.185.in-addr.arpa

IN PTR

Response
DNS

77.190.64.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

77.190.64.185.in-addr.arpa

IN PTR

Response
DNS

21.171.252.37.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.171.252.37.in-addr.arpa

IN PTR

Response

21.171.252.37.in-addr.arpa

IN PTR

1004bm-nginx-loadbalancermgmtfra1adnexusnet
DNS

21.171.252.37.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.171.252.37.in-addr.arpa

IN PTR

Response

21.171.252.37.in-addr.arpa

IN PTR

1004bm-nginx-loadbalancermgmtfra1adnexusnet
DNS

146.202.215.63.in-addr.arpa

Remote address:

8.8.8.8:53

Request

146.202.215.63.in-addr.arpa

IN PTR

Response

146.202.215.63.in-addr.arpa

IN PTR

ams01-convex-float1dotomicom
DNS

146.202.215.63.in-addr.arpa

Remote address:

8.8.8.8:53

Request

146.202.215.63.in-addr.arpa

IN PTR

Response

146.202.215.63.in-addr.arpa

IN PTR

ams01-convex-float1dotomicom
DNS

153.63.120.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

153.63.120.34.in-addr.arpa

IN PTR

Response

153.63.120.34.in-addr.arpa

IN PTR

1536312034bcgoogleusercontentcom
DNS

72.57.245.77.in-addr.arpa

Remote address:

8.8.8.8:53

Request

72.57.245.77.in-addr.arpa

IN PTR

Response
DNS

21.162.19.213.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.162.19.213.in-addr.arpa

IN PTR

Response
DNS

21.162.19.213.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.162.19.213.in-addr.arpa

IN PTR

Response
DNS

8.136.246.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.136.246.54.in-addr.arpa

IN PTR

Response

8.136.246.54.in-addr.arpa

IN PTR

ec2-54-246-136-8 eu-west-1compute amazonawscom
DNS

178.255.212.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

178.255.212.199.in-addr.arpa

IN PTR

Response
DNS

178.255.212.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

178.255.212.199.in-addr.arpa

IN PTR

Response
DNS

197.189.42.188.in-addr.arpa

Remote address:

8.8.8.8:53

Request

197.189.42.188.in-addr.arpa

IN PTR

Response
DNS

197.189.42.188.in-addr.arpa

Remote address:

8.8.8.8:53

Request

197.189.42.188.in-addr.arpa

IN PTR

Response
DNS

8.1.166.69.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.1.166.69.in-addr.arpa

IN PTR

Response
DNS

b6351696394dffd7514614659b5d9454.safeframe.googlesyndication.com

msedge.exe

Remote address:

8.8.8.8:53

Request

b6351696394dffd7514614659b5d9454.safeframe.googlesyndication.com

IN A

Response

b6351696394dffd7514614659b5d9454.safeframe.googlesyndication.com

IN CNAME

pagead-googlehosted.l.google.com

pagead-googlehosted.l.google.com

IN A

216.58.204.65
DNS

b6351696394dffd7514614659b5d9454.safeframe.googlesyndication.com

msedge.exe

Remote address:

8.8.8.8:53

Request

b6351696394dffd7514614659b5d9454.safeframe.googlesyndication.com

IN A

Response

b6351696394dffd7514614659b5d9454.safeframe.googlesyndication.com

IN CNAME

pagead-googlehosted.l.google.com

pagead-googlehosted.l.google.com

IN A

216.58.204.65
DNS

cdn.ampproject.org

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.ampproject.org

IN A

Response

cdn.ampproject.org

IN CNAME

cdn-content.ampproject.org

cdn-content.ampproject.org

IN A

142.250.180.1
DNS

cdn.ampproject.org

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.ampproject.org

IN A

Response

cdn.ampproject.org

IN CNAME

cdn-content.ampproject.org

cdn-content.ampproject.org

IN A

142.250.180.1
GET

https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.js

msedge.exe

Remote address:

142.250.180.1:443

Request

GET /rtv/012402262017000/amp4ads-v0.js HTTP/2.0
host: cdn.ampproject.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://cdn.ampproject.org/rtv/012402262017000/v0/amp-ad-exit-0.1.js

msedge.exe

Remote address:

142.250.180.1:443

Request

GET /rtv/012402262017000/v0/amp-ad-exit-0.1.js HTTP/2.0
host: cdn.ampproject.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://cdn.ampproject.org/rtv/012402262017000/v0/amp-analytics-0.1.js

msedge.exe

Remote address:

142.250.180.1:443

Request

GET /rtv/012402262017000/v0/amp-analytics-0.1.js HTTP/2.0
host: cdn.ampproject.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://cdn.ampproject.org/rtv/012402262017000/v0/amp-fit-text-0.1.js

msedge.exe

Remote address:

142.250.180.1:443

Request

GET /rtv/012402262017000/v0/amp-fit-text-0.1.js HTTP/2.0
host: cdn.ampproject.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://cdn.ampproject.org/rtv/012402262017000/v0/amp-form-0.1.js

msedge.exe

Remote address:

142.250.180.1:443

Request

GET /rtv/012402262017000/v0/amp-form-0.1.js HTTP/2.0
host: cdn.ampproject.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

1.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.180.250.142.in-addr.arpa

IN PTR

Response

1.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f11e100net
DNS

1.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.180.250.142.in-addr.arpa

IN PTR

Response

1.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f11e100net
DNS

eus.rubiconproject.com

msedge.exe

Remote address:

8.8.8.8:53

Request

eus.rubiconproject.com

IN A

Response

eus.rubiconproject.com

IN CNAME

eus.rubiconproject.com.edgekey.net

eus.rubiconproject.com.edgekey.net

IN CNAME

e8960.b.akamaiedge.net

e8960.b.akamaiedge.net

IN A

2.17.5.216
DNS

eus.rubiconproject.com

msedge.exe

Remote address:

8.8.8.8:53

Request

eus.rubiconproject.com

IN A

Response

eus.rubiconproject.com

IN CNAME

eus.rubiconproject.com.edgekey.net

eus.rubiconproject.com.edgekey.net

IN CNAME

e8960.b.akamaiedge.net

e8960.b.akamaiedge.net

IN A

2.17.5.216
DNS

s.0cf.io

msedge.exe

Remote address:

8.8.8.8:53

Request

s.0cf.io

IN A

Response

s.0cf.io

IN A

172.64.143.21

s.0cf.io

IN A

172.64.142.21
DNS

s.0cf.io

msedge.exe

Remote address:

8.8.8.8:53

Request

s.0cf.io

IN A

Response

s.0cf.io

IN A

172.64.143.21

s.0cf.io

IN A

172.64.142.21
DNS

public.servenobid.com

msedge.exe

Remote address:

8.8.8.8:53

Request

public.servenobid.com

IN A

Response

public.servenobid.com

IN A

108.156.39.59

public.servenobid.com

IN A

108.156.39.44

public.servenobid.com

IN A

108.156.39.118

public.servenobid.com

IN A

108.156.39.36
DNS

public.servenobid.com

msedge.exe

Remote address:

8.8.8.8:53

Request

public.servenobid.com

IN A

Response

public.servenobid.com

IN A

108.156.39.59

public.servenobid.com

IN A

108.156.39.44

public.servenobid.com

IN A

108.156.39.118

public.servenobid.com

IN A

108.156.39.36
DNS

contextual.media.net

msedge.exe

Remote address:

8.8.8.8:53

Request

contextual.media.net

IN A

Response

contextual.media.net

IN A

2.17.4.21
DNS

contextual.media.net

msedge.exe

Remote address:

8.8.8.8:53

Request

contextual.media.net

IN A

Response

contextual.media.net

IN A

2.17.4.21
GET

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2055%2C2030%2C3020%2C251%2C233%2C2027%2C2026%2C236%2C237%2C459%2C97%2C55%2C77%2C2022%2C3012%2C3011%2C182%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C10000%2C108%2C9&itype=PREBID&purpose1=0&gdprconsent=0&gdpr=1&gdprstring=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&coppa=0&usp_status=0&usp_consent=1&ckdel=1

msedge.exe

Remote address:

2.17.4.21:443

Request

GET /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2055%2C2030%2C3020%2C251%2C233%2C2027%2C2026%2C236%2C237%2C459%2C97%2C55%2C77%2C2022%2C3012%2C3011%2C182%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C10000%2C108%2C9&itype=PREBID&purpose1=0&gdprconsent=0&gdpr=1&gdprstring=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&coppa=0&usp_status=0&usp_consent=1&ckdel=1 HTTP/2.0
host: contextual.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=93600
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 16 Mar 2024 21:02:16 GMT
date: Thu, 14 Mar 2024 21:02:16 GMT
content-length: 8375
GET

https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

msedge.exe

Remote address:

2.17.5.216:443

Request

GET /usync.html?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA HTTP/1.1
Host: eus.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.unknowncheats.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 11 Mar 2024 21:52:45 GMT
ETag: "2052b-661-613698fc7e540"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 686
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Mar 2024 21:02:16 GMT
Connection: keep-alive
Vary: Accept-Encoding
GET

https://eus.rubiconproject.com/usync.js

msedge.exe

Remote address:

2.17.5.216:443

Request

GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 14 Mar 2024 00:02:02 GMT
Content-Encoding: gzip
Content-Length: 10988
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=10785
Expires: Fri, 15 Mar 2024 00:02:02 GMT
Date: Thu, 14 Mar 2024 21:02:17 GMT
Connection: keep-alive
Vary: Accept-Encoding
GET

https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

msedge.exe

Remote address:

2.17.5.216:443

Request

GET /usync.html?p=duration_media&endpoint=us-east HTTP/1.1
Host: eus.rubiconproject.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://public.servenobid.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 11 Mar 2024 21:52:45 GMT
ETag: "2052b-661-613698fc7e540"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 686
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Mar 2024 21:02:17 GMT
Connection: keep-alive
Vary: Accept-Encoding
GET

https://eus.rubiconproject.com/usync.html?p=gumgum

msedge.exe

Remote address:

2.17.5.216:443

Request

GET /usync.html?p=gumgum HTTP/1.1
Host: eus.rubiconproject.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://g2.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 11 Mar 2024 21:52:45 GMT
ETag: "2052b-661-613698fc7e540"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 686
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Mar 2024 21:02:18 GMT
Connection: keep-alive
Vary: Accept-Encoding
GET

https://s.0cf.io/?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&bidid=321206534-19072067-24490-0&id=191beab17e050a2&uid=

msedge.exe

Remote address:

172.64.143.21:443

Request

GET /?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&bidid=321206534-19072067-24490-0&id=191beab17e050a2&uid= HTTP/2.0
host: s.0cf.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:16 GMT
content-type: text/html
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
expires: Thu, 14 Mar 2024 21:32:16 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IGQ9%2BEyfwznV7lu7%2Fi6cZu9OPBZwb3a46jU2vv8m09zmWG0YaKO4u%2FTvByeNhnhv1mXwmnsBoTxzFwkvr%2FbB1t5s8W0Qm9nsuWRYvklmfLQzrf49Z7spGAy2vA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647342b0cb46570-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:18 GMT
content-type: text/html
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3721
expires: Thu, 14 Mar 2024 21:32:18 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mexwoi84ohHLoAe3GkcFduPRR9uPntXKkbl0Hm2Z%2BHf2nSZcnkaTftocsZaCuuWDSGSKNy5E49RHB%2F6%2Fstd%2Fg0Hom%2Bfz0Ms8r%2BCEalHkgdpmUL%2BAJo1e5zNvCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864734373dce6570-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:19 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3722
expires: Thu, 14 Mar 2024 21:32:19 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7PrsW7wRppYB2jWvfDZeqi5wrnYr5h1GQcESgNjhQiWHTRKiXAmlbfhWtqaFIiHXqNF7Zrs3MEGcqphZpZV71hx3Sfi%2Fub%2FKjGdMuRM4UVD6l14EnX4%2FDF%2BYdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86473439384a6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:19 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3722
expires: Thu, 14 Mar 2024 21:32:19 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wI7cw73ouzTUJu8eolhN1Csgd3%2BkTZmlBmU4USpe3Kjm6THdC1WYExQQjYzkC9ptJvIjP5mET8iBfT4HqzUtJQ4NbORuaqI8%2FiGYXRPC%2BULIzEM9DV3SZBBAxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647343e1f1e6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/sw.js?id=191beab17e050a2

msedge.exe

Remote address:

172.64.143.21:443

Request

GET /sw.js?id=191beab17e050a2 HTTP/2.0
host: s.0cf.io
cache-control: max-age=0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
service-worker: script
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: serviceworker
referer: https://s.0cf.io/?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&bidid=321206534-19072067-24490-0&id=191beab17e050a2&uid=
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:19 GMT
content-type: application/javascript
last-modified: Mon, 07 Feb 2022 00:35:38 GMT
etag: W/"6200695a-43b"
strict-transport-security: max-age=31536000
cf-cache-status: MISS
expires: Thu, 14 Mar 2024 21:32:19 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZa7JWVnRTSPFaxOJVlenX36arBHXWS4lFyN8pxNhpQ5woM4X5m5VAyXg9Wd%2FWvkvWA6pKh0SZ1XBe5pZl%2BaSJV4eNyMExnQLJIoJLhUYKa3ctaZxgJp1eU0cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647343e1f216570-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:20 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3723
expires: Thu, 14 Mar 2024 21:32:20 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gGZSYj9ungl5JD2LMK2QxxoTwZMY34%2FsQF1vXZpmgVqGw0Z7wQ1tq65uXS23aUFM2WtpqRTNweUr6bjS75ECo0SKvDQCUhfq3VQWqD7Dxj8Ut54pPPJSv7SjZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647343f996b6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:20 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3723
expires: Thu, 14 Mar 2024 21:32:20 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UJdrShXyCNUFgIwvILAw%2F1pbCRIXkhPG5eUIOwrqkIk1ExdQ8W1nMCV2HecHcu%2F5%2F4OCZjtU6OcOtEVJoZ4%2FRrBhcrO3N8HcUjzBYeu5wwMtC23%2Fl5%2BhYSRXqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86473444a8976570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/ps/?dbid=191beab17e050a2

msedge.exe

Remote address:

172.64.143.21:443

Request

GET /ps/?dbid=191beab17e050a2 HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:20 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3723
expires: Thu, 14 Mar 2024 21:32:20 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oStCw1qrlZ7Adxg9fwbYOFLPhyBppVSfRDDHoIYcZXgdZtNnBYd3GI0TOYc0k1DGpTC2SgfZLHMKTFbtRbDDpz3%2F%2FBHO8T6Chz2XEtecCO%2FxOqOE0WuQDRO5BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647344519506570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:21 GMT
content-type: text/html
last-modified: Mon, 04 Oct 2021 18:28:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
expires: Thu, 14 Mar 2024 21:32:21 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oje4nlSDq9C5KORf4NyZ1ZRac8EMaU3A6B0s3MFJiZBYDHd5tdKOnwXSmAIkXobwFbutzYyhH9MNJT%2B3HKvz65o4p1wC%2Fy0FzSH7waAe7mzAcwrsqG1tpb3%2BQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86473444a8996570-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:21 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3724
expires: Thu, 14 Mar 2024 21:32:21 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XTvnxmrhYGxl7SZYsTSqwJ1tyDIm3HHwqf4s1fJeSQm9PLsU6IQleCfhE7NB9%2FRzZzXBznlzMtGsDb7yqqnS04k69%2FP%2FBKhpu97zw%2FW2R5K6fuKzHtFkpHnOGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647344589da6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:21 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3724
expires: Thu, 14 Mar 2024 21:32:21 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2B5kRQfL2JRat2RwSbe%2BGVbebOdkC19hNkYtrnYmkkFLEacY53EG02PMaDZAaBTQfGwtdzN%2FX3oabTUvt3k6Ltiy2oXDj%2FmXMEQ%2FF7dXjQoAtiQdoxlyGgmMJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86473445ea4c6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:21 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3724
expires: Thu, 14 Mar 2024 21:32:21 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FrvZo0piRlZ0WkqqxdNmVMbpiiNl%2BbeL8Xup6Cpj18whW2I6FjbaSwgl%2BgQRrUVRBY7nKDqhio5R9xlF9BPk6dTq4tX%2FpVYn4JGexnfsbnQOloufjrHKEpbbCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864734464adb6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:21 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3724
expires: Thu, 14 Mar 2024 21:32:21 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O41vyVwTTi4Kg8mcdzm3jxVfZSF7nehcmbv%2FWFP2LNlVfuOIPluZfvZtpa3I5bcYFOWm%2Fai34iMniFGtSyzLhFsQUDMRT7dl7w0%2Fd2mf1RZQgTjhpkTuYCQCOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647344b197d6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:22 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3725
expires: Thu, 14 Mar 2024 21:32:22 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9SFevxe5y%2FFBRS8zl23vBJ0VlThpw9jFmQZLwbL4IOgPZjVykEVKQVYoVtzDGeJuQLMzy6t74pJMU6EduKL2GR3b%2Fj%2FFwt2DBcuV78LfWSF%2Fbjz%2BA5P3psbVpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647344baa276570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:22 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3725
expires: Thu, 14 Mar 2024 21:32:22 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZKQcaVyd%2FsMua3XSZt7U37SYoV9eTiYzd%2Fqb0XghfVOsb%2FPRai1iYU%2FFb4RbdY0Yc8hSnvlrWRg2wM4fb3Ip0Ewx4HbjBi6YUHlVLSSv6QvwufEdDmzjCnlECg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647344c1ab76570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:22 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3725
expires: Thu, 14 Mar 2024 21:32:22 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gAr%2F8iwfLkZcoqnL6bifyH2KTy1ojaQNlcnLY08qmgCXjsO0KM5BDWAn%2FY4HI9k8H0BfrJzxr3aRW%2BvLIU2jqGgModMJJrk8IeLA%2FdiwttQGWdN5zgm2ZtiawQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647344c6b006570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:22 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3725
expires: Thu, 14 Mar 2024 21:32:22 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1cs9PzLX2zzJ4b4getmWHDpInuhoLB3sKhrbbZBDQ32fFJlITygmxXF3i1Q3q6ocyBfkaz8X117pOQmqj2AiTOoc0paZu%2B5M0QoPEOW6vOVNZe004kxH8WHfqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647344ccb846570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:22 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3725
expires: Thu, 14 Mar 2024 21:32:22 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M9joKxIUlagi%2BguqweAvcUtrhTMBUOGPHsoHqwj4VMTdtnC6NK82LeT1KVBdsyOiDVWROlF%2Fv2Ejmf2b4bTWQW%2BxupO7%2Fz4oxakr61kSzH%2FgzHWtaf4zVN6mHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647344d2bfe6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:22 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3725
expires: Thu, 14 Mar 2024 21:32:22 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YvsrIgxeJpdL6YTYuCQGw2c8v36F1NMALI%2FVOj7J4V75QYtXcp0a52nGb6EZ3jaJoKnP14CCRev0Q2qsqDHT2zOTl7jIKh7clfnpioeQ2Q0Gh8cV73Jzeu3TIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647344ff8986570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/sw.js?id=191beab17e050a2

msedge.exe

Remote address:

172.64.143.21:443

Request

GET /sw.js?id=191beab17e050a2 HTTP/2.0
host: s.0cf.io
cache-control: max-age=0
dnt: 1
accept: */*
service-worker: script
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: serviceworker
referer: https://s.0cf.io/sw.js?id=191beab17e050a2
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-none-match: W/"6200695a-43b"
if-modified-since: Mon, 07 Feb 2022 00:35:38 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:25 GMT
last-modified: Mon, 07 Feb 2022 00:35:38 GMT
etag: W/"6200695a-43b"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 6
expires: Thu, 14 Mar 2024 21:32:25 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DTS7S%2Fy4POt8tabgXy%2FaPbUmDv1DKwWlznzhN4UDtbkG1Xte72nhZpG6aOhcWQU3WIt%2FwhuF8FMtaRA%2BlmagSb24cUBjgCnXxVf9nTaSHUwN7Kv2z1B8kf0%2FwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647345e6ca36570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:52 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3755
expires: Thu, 14 Mar 2024 21:32:52 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yvdH0kQM7Np1l2ELcHAsKdanZXHx2vidsUfljfp0zfWJLR5gP4G%2F3i1GWRst%2FtNz9jyi8Bq1sBYENt7DtEGEqCLDOQ%2Bq%2BVOqZ5FoPf%2Fod77VvFWLc18Iww0ZeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647350899216570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:52 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3755
expires: Thu, 14 Mar 2024 21:32:52 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJXgoRXrHOFwslGUqYq30%2BAXe5ou926alzdKMYUNYIn17GnnLhx86Xne9suytYMwB%2Byu7yd%2BCb0x1R6AHcWoBvR4%2BV37vM3aSrHhKLlHJC01XHq1B3h9GFZ07Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647350b2c8e6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:52 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3755
expires: Thu, 14 Mar 2024 21:32:52 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vcSnrKJl7ItzaqcW2gqdTQsoRMAJ4NzI7PZVRtbhatU76X7QSdLSVQRq3cDPJSp0GxJ6dbzzub4kaun%2FWy5EY%2FU25gdc4N%2BLQnq%2FeR6qDNICT1LTJj2alE2Gjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647350bad366570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:52 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3755
expires: Thu, 14 Mar 2024 21:32:52 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yJzNJuz05a3L2fMOE1wc%2BAm28zHt72dgotJObw%2FEFWhq4sSqPLTvOo3jEiCl56msst1cEMb8S%2BnhhuxP5TmX8tppw0i%2FJCMkmRO6%2BAztZjWjhidu1M0Z3cR3Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647350c7e426570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:53 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3756
expires: Thu, 14 Mar 2024 21:32:53 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RM8rAutyZIcrnL6X5DVld%2FCmNjNwNJJ6VUnqdK%2FhAVDOd7J2hKqyBA0beo%2FnEWsyr%2BX6F0RnWnJ0k5P2HCkxYsMaecs6eUyW8GK%2FDt1fa0XneV2ZZ0x6JHTuPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647350fdbf36570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:53 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3756
expires: Thu, 14 Mar 2024 21:32:53 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2B1cvFHc40ZXtDz5VB3qc1FS3LiPcmULZ3l5Syft3uRn0t9FQ1bPYcIPtoYi8UFndTxuTeyDdy7b7Ag%2BFbxU%2B5P4fE2ijvLRYPPwgEJ7KYgjA6qo3VqpBoGHLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86473510ed396570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:53 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3756
expires: Thu, 14 Mar 2024 21:32:53 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4rQaRYrUgCDiIhhE7cNCX2Chq7W3rjFMtLnnE3GC8kjK4PU%2BYufAdt4RID2CtFR36EY40p8hmleLUzfuzMgzkaMMqyXlTHoUP3qEi2VtJECDovk3I6MikwvDMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86473512bf886570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:54 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3757
expires: Thu, 14 Mar 2024 21:32:54 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=30jyiunY6%2Be9NLKoufI9sV6FNiH2zvmnSt4kf7611axLIzOuSkp187yrDvhuYrdGvEJj%2FV%2FKjsDCNEAmoP5U%2Fm0iq6njKyH%2FVxTLN%2FIeCHN6Yzbtg6H7Yyl3Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735144a0e6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:54 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3757
expires: Thu, 14 Mar 2024 21:32:54 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cp2DISRkRG0UgB21PHHazZyHdhIIGlUjF77RSMXOFzgDr9FMFvjBm3NMU0FPsMx4VnOKXTr4S3pcyTwzmfNq3sl2QYnsCg8ug3eKEzZqgX3ktqNBlmPemAG41w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86473514dac46570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:55 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3758
expires: Thu, 14 Mar 2024 21:32:55 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jr%2FM6ajT0xplaRgiiplmZ9zi2lg1mAMzV1ugpD5IKYxPP6Dea%2FNodP2o3h8bgM6hThkG%2BG3ad4py27%2BgVs3FFT1A4zUX5RJL0wfHLUGp0oPv0MU2wpmbjw7hXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647351b0c0a6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:02:56 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3759
expires: Thu, 14 Mar 2024 21:32:56 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IccUT7Fnvqj6nSl8obUuDivyGI5FJp9pETWbcwxL%2F2KyNxW4o2DxLFTHoJt5NLq7y%2BfQC3o6JBO8NRl3eOyzQTQ%2Bjhe8%2BLb0A6QGiwLEAFKEIYQHSZbo0DjUuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735238f696570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/sw.js?id=191beab17e050a2

msedge.exe

Remote address:

172.64.143.21:443

Request

GET /sw.js?id=191beab17e050a2 HTTP/2.0
host: s.0cf.io
cache-control: max-age=0
dnt: 1
accept: */*
service-worker: script
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: serviceworker
referer: https://s.0cf.io/sw.js?id=191beab17e050a2
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-none-match: W/"6200695a-43b"
if-modified-since: Mon, 07 Feb 2022 00:35:38 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:00 GMT
last-modified: Mon, 07 Feb 2022 00:35:38 GMT
etag: W/"6200695a-43b"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 41
expires: Thu, 14 Mar 2024 21:33:00 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rSy9aMPc%2Bl9ItAlIQ5A3qGMcgU8BFvxsOl1MhtEt69nr6%2BUivUKDRnKklBf%2BFtS7jn5WyT1wJBMDeggy5glf3bfCbxRBAMEJqbYEXxtIXuNRYx4Kw%2Frpdzr69A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647353b7c0c6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:21 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3784
expires: Thu, 14 Mar 2024 21:33:21 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nCUgjy8H3DSsFeuDZOahHW6aQmx7Tj2lgnLzdkrRYlOPtmHqZZ6SXgDTUv6aKGw3BOaCTkOUNAEHus5KcpGchknzqQO0%2F2CInc5ZDgZcpElTqYyt%2B9LTfB2iiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735c23f926570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:22 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3785
expires: Thu, 14 Mar 2024 21:33:22 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cc5twMz69FHcGt%2FCRuo8z%2BYERhnFGYMQ9hmmqtHY5Vt%2Bttd%2FSSRY29BLHNToyp8fQiLRC%2B5ASgs0yu9HSKgmPwFdBv%2B9WPChIFJo6YW788YTyQ3FQsvLiHup5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735c2f8e06570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:22 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3785
expires: Thu, 14 Mar 2024 21:33:22 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OL5SQLH9z%2FL6Fu892yxDCtcyYzjwXg3aVmwi5xekiWddgDlSOuGMOitofJYDDBLaXGLuWBAJq7Tde2LTOWe5KT7TzflgMUVN7kGMHlFw6kFH4VnBG3%2B7d%2Ffvig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735c55c1c6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:22 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3785
expires: Thu, 14 Mar 2024 21:33:22 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FB2uYxfX3Gf7SJT0pqgjLQuWdWEw%2BkPzph7t7Xl9YoAWGFAc6UeHBfV8Q6FfbfPHTaq5PCU%2FrBiyj91I9PH8g0mSPZwm7s0vBJXtfke2XnBEuh2XAGOjs9DDKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735c5ed536570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:23 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3786
expires: Thu, 14 Mar 2024 21:33:23 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JEnLuqOSfg35bkHbyC1mduXqi6cqETkW6JQ7O8czzYd3yj0G2q86y%2BWYtGd3jSzKmgMYK97biMicuLmuWfcR%2B%2B%2FzxueC3cuh5D%2BPuk7VhUueCmYLa%2FQL0dxbbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735c9fb1b6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:23 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3786
expires: Thu, 14 Mar 2024 21:33:23 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wxw78UuYwGu4Y3B3%2BstrxRV%2FBqrWhvTubxSf2%2B1DRqn%2B3F%2FQl0igUwDmzDzB0PxkcCtHeh%2B2nTRqW7EvFNwsYeE%2F8lFVoGjt0A%2BctOIk%2B5bDxbrm91evJRsthw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735ca6ba16570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:23 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3786
expires: Thu, 14 Mar 2024 21:33:23 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eCHlXUWfw43U49Ymha23auhKEBTUQISWSF3M1Agxb%2FV1IqrhCUzkTq5bh5sWJYD%2F1ozivJcbV2ix8yID2%2B1Wtffr6g4SIMIfLLVoiIdp4jgG7Rz3Rk7r8Ut%2FDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735cadc286570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:23 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3786
expires: Thu, 14 Mar 2024 21:33:23 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6PcZSKIybmSKNLiLIg8WYaIi5aoVkjgoKvade62t6h5547Hf4ep8RMHYMkNSXmBNus5pj%2FmgM5XekNJPTF1CwqZpwfRTSRPXV9vjFCAfzywo64r0%2FwMXBsDyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735cb2ca16570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:23 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3786
expires: Thu, 14 Mar 2024 21:33:23 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FomX%2BO4e7MtbHMQJjhv3JcvIniRCrRsJFko8mwyp6HwtDLXAXem91I6%2FJFK7RDgPbH7JmRyp4HO6jrq8LEeiVvRYDF2nDQQv14nmfBMOPwBzhTwoa8%2BfWZ0EKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735cb8d5c6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:23 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3786
expires: Thu, 14 Mar 2024 21:33:23 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aBx%2BgLyWIrwTkLTJrob6kjSIkucsnooIH1xi7c4vdFjo1fSdKi1XMid%2FMEbutqDoxkzxZNMSkJBHJdKj2bnJosnY2SzpQL6W8ZtvlPZ4ehFYlS6Q6MS9FtnLtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735cdc8966570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:26 GMT
last-modified: Mon, 07 Feb 2022 00:35:38 GMT
etag: W/"6200695a-43b"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 67
expires: Thu, 14 Mar 2024 21:33:26 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mh2yWgCT45iNLBVskmA5iGe%2Ft76WpPODJn0T8FYsjnd3k0wC1eCWBwc2u7g0s7UtvaQGcYanJoISCX5Cz4YrZWoKtDvMMS6pf1M4ESVnUrtVsMV4jtJFDrX9bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735e16c4b6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/sw.js?id=191beab17e050a2

msedge.exe

Remote address:

172.64.143.21:443

Request

GET /sw.js?id=191beab17e050a2 HTTP/2.0
host: s.0cf.io
cache-control: max-age=0
dnt: 1
accept: */*
service-worker: script
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: serviceworker
referer: https://s.0cf.io/sw.js?id=191beab17e050a2
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-none-match: W/"6200695a-43b"
if-modified-since: Mon, 07 Feb 2022 00:35:38 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:26 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3789
expires: Thu, 14 Mar 2024 21:33:26 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vcG0pvEx0kUNDzhRMnD9MW2Zp5kMr75S2dps%2FlPFYYWOAqk7TBuH0Uhl7Ge2Z02%2BsFuyhEW%2FA8%2BM8SjFb9bN7lixDAvPr6MgThRuZYWR06NXvEKWGWpJZpUobw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735e16c486570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:27 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3790
expires: Thu, 14 Mar 2024 21:33:27 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nHZhRv0T5OgZngIKUhq%2Bxk4PbgHpHYNqyq4boz77bQZLvjPCRyEqO5jfizqCczceGt0OcSte0LOsFyx%2F7vsd7szsrgu9HxG9XXKzbCgjEHNT5wwGn6ZFH7cM1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735e3afea6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:27 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3790
expires: Thu, 14 Mar 2024 21:33:27 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XDfp9BXvXe6uavPj9fvbSmb2lwWL%2Bjyx4keyr9qoAViw8kHIJVruriAROA%2FkSGGM6SEBH2Iq9A0R%2FIPArf1wdk046M4b08B9ztm2Pxs63LNUM2%2FmWaMVnQP%2FhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735e7bd856570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/sw.js?id=191beab17e050a2

msedge.exe

Remote address:

172.64.143.21:443

Request

GET /sw.js?id=191beab17e050a2 HTTP/2.0
host: s.0cf.io
cache-control: max-age=0
dnt: 1
accept: */*
service-worker: script
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: serviceworker
referer: https://s.0cf.io/sw.js?id=191beab17e050a2
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-none-match: W/"6200695a-43b"
if-modified-since: Mon, 07 Feb 2022 00:35:38 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:30 GMT
last-modified: Mon, 07 Feb 2022 00:35:38 GMT
etag: W/"6200695a-43b"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 71
expires: Thu, 14 Mar 2024 21:33:30 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s2BComrYvAV%2BKeUoOVSQglw5MBjUmBcjlJ6S10Ikeg%2Fq%2B9AqH8k%2Fi8joq51Bl2%2FcXZ%2FnvuZQFHrDprfzp0J%2FADjWTsaY2gLGJNtwtM5BMPiCuHwHORhEvV9uDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864735f62ab26570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/sw.js?id=191beab17e050a2

msedge.exe

Remote address:

172.64.143.21:443

Request

GET /sw.js?id=191beab17e050a2 HTTP/2.0
host: s.0cf.io
cache-control: max-age=0
dnt: 1
accept: */*
service-worker: script
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: serviceworker
referer: https://s.0cf.io/sw.js?id=191beab17e050a2
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-none-match: W/"6200695a-43b"
if-modified-since: Mon, 07 Feb 2022 00:35:38 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:33 GMT
last-modified: Mon, 07 Feb 2022 00:35:38 GMT
etag: W/"6200695a-43b"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 74
expires: Thu, 14 Mar 2024 21:33:33 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5FxZRK9evj5rWMTXqRey8crzR4Ru%2FwI5C0YaYfYzUUnjlv0Xx%2BSPrbqnjCa5XM49H2AlSUFhPkhRt%2BkAY1qCz8arVbpXHbMXRsdVU%2BV1Z3XKWpzwUnbPOUWv3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647360c4a846570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:52 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3815
expires: Thu, 14 Mar 2024 21:33:52 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1O2IO8YCF1a0we5YE58p64ZHD3P%2BjBf8Nl%2FpccPbIpSr1%2BcLNsQ%2FdqRiI5sZlJWr0XG8roTtB9uma2z4n0yOd8GqN5S45XL2zqbAQxjenh7Lx6zpyfUgtwoUhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647367fcd7d6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:52 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3815
expires: Thu, 14 Mar 2024 21:33:52 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wa%2B0tEnI3mxRiZ8yrqen24%2FHz1%2B9qQUdo9TBFubwOFcs%2FbKL1hprcpmANLaLKqjK1tOzJdHTaQB9dPv9c%2FweknlrlgEflUlkqQQJ4ogyjBq54saFjPDDSX4hxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864736816fac6570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:53 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3816
expires: Thu, 14 Mar 2024 21:33:53 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dAWEUQUOj367MEwJ1gEeNBV9pseHycI8W5CLgZC2HSnrOTeMKNQnhWhuXB5C08KJ1uTki2D34GJjbx8HtLSMsaHZWrkzz1eb0DYfGCUM%2Fres3ozQ6kdtuSOpbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864736866eb96570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:53 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3816
expires: Thu, 14 Mar 2024 21:33:53 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9sEriOYKTPNcA0IV9B9nkd0w3naXYHCEeDV71%2FD025TvnpWBBSR22I8crP1ynKjm6Xhx6lMjwQBbFlTaBQ%2FMalT7wm1w1Gv%2FZ45UhrfDIg4f41G1IgdT%2Fon4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647368728006570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:56 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3819
expires: Thu, 14 Mar 2024 21:33:56 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eFtT5tYWDY9ydURWxrSPyyVdZPrT%2FQnZ%2F5UuqjpcLMlzuNEMoW9rI603ovLHhQUu20zU8baf2B%2FgOoT%2FkvdCy9pj1USt8PWJPBUna6ToFJtWPD9bVQWq1ye17A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647369b1f796570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:56 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3819
expires: Thu, 14 Mar 2024 21:33:56 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2FAlGUeCif148I1uAjDvh3Artzh2P2js2dmuyo2bY5TFKZjh6lhnNsUNyGKDMLKtb3hWk9LD%2FUs6SxbKdZHjyEmx0hKGabtp%2Bf88Kt3aPn%2BmUQEVS1kvpzc7aA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647369b98516570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:03:57 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3820
expires: Thu, 14 Mar 2024 21:33:57 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zWfsI12T9rsDlai6ZWdsodNcyaV%2FZklfcdeoA0PWNZf5QMZrtYBkwAbCUSJBm0fXTn8xWTQxEpJZOW%2F0U9Wn7rWnP4ZdJTVEiIQgzBn6xCPMedJ%2F1A9tfm630g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8647369ffe216570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:04:00 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3823
expires: Thu, 14 Mar 2024 21:34:00 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xsZLhXdJLne5mxjwZNRZd43Xa6XyTn4IEPrClTiZKXHse5E%2BzH3bfg34ljgMpUhfj4LNxjqYe%2Bp9dx%2BdQuml4zjaghN8Hmpbec1J%2FhoLGHfLbsFykQt0hdqiGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864736b3d9376570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://s.0cf.io/

msedge.exe

Remote address:

172.64.143.21:443

Request

GET / HTTP/2.0
host: s.0cf.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _dbid=191beab17e050a2
if-modified-since: Tue, 05 Sep 2023 18:57:31 GMT

Response

HTTP/2.0 304

date: Thu, 14 Mar 2024 21:04:00 GMT
last-modified: Tue, 05 Sep 2023 18:57:31 GMT
etag: W/"64f77a1b-9765"
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3823
expires: Thu, 14 Mar 2024 21:34:00 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9M6Ksbz6a2tpTZaCtxZSzFuDmh10wRIQyi94zedh37CJvR7Uq%2F3dwSW7Ca6V7RS%2FvrkMLTGXUhYBs1tkZCBMSA3c9fCld%2FgPbyVGuAxXjoEkGYrYV1TVGx2g9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 864736b439996570-AMS
alt-svc: h3=":443"; ma=86400
GET

https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

msedge.exe

Remote address:

108.156.39.59:443

Request

GET /sync.html?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA HTTP/2.0
host: public.servenobid.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
last-modified: Wed, 06 Mar 2024 22:22:19 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-content-sha256: ac5da40dcf42e367b0eed52c8950b2ba8d4154c1cf2403b6ab30cdaa8eb6ec28
x-amz-version-id: null
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:ebe56737-d69c-4a07-920d-566532a562f5
x-amz-meta-codebuild-content-md5: e6f135f6e82205b45af0f1fac30dc51a
server: AmazonS3
content-encoding: br
date: Thu, 14 Mar 2024 05:41:16 GMT
cache-control: max-age=86400
etag: W/"38c114d82e3d811243c5081c4be05974"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee8862e43d7837ef5478becfe2eb7116.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 8fKjDJib_rSZhvmsEwvwVmol4ZAXvXMxeGGaD8IX-TzsMqhZSndXpQ==
age: 55261
vary: Origin
DNS

match.adsrvr.org

msedge.exe

Remote address:

8.8.8.8:53

Request

match.adsrvr.org

IN A

Response

match.adsrvr.org

IN A

52.223.40.198

match.adsrvr.org

IN A

35.71.131.137

match.adsrvr.org

IN A

15.197.193.217

match.adsrvr.org

IN A

3.33.220.150
DNS

match.adsrvr.org

msedge.exe

Remote address:

8.8.8.8:53

Request

match.adsrvr.org

IN A

Response

match.adsrvr.org

IN A

52.223.40.198

match.adsrvr.org

IN A

35.71.131.137

match.adsrvr.org

IN A

15.197.193.217

match.adsrvr.org

IN A

3.33.220.150
DNS

sync.srv.stackadapt.com

msedge.exe

Remote address:

8.8.8.8:53

Request

sync.srv.stackadapt.com

IN A

Response

sync.srv.stackadapt.com

IN A

54.145.217.237

sync.srv.stackadapt.com

IN A

52.73.237.27

sync.srv.stackadapt.com

IN A

54.144.120.173

sync.srv.stackadapt.com

IN A

54.175.28.36

sync.srv.stackadapt.com

IN A

54.166.93.240

sync.srv.stackadapt.com

IN A

52.73.22.46

sync.srv.stackadapt.com

IN A

54.156.231.188

sync.srv.stackadapt.com

IN A

54.205.159.141
DNS

sync.srv.stackadapt.com

msedge.exe

Remote address:

8.8.8.8:53

Request

sync.srv.stackadapt.com

IN A

Response

sync.srv.stackadapt.com

IN A

54.156.221.97

sync.srv.stackadapt.com

IN A

54.145.217.237

sync.srv.stackadapt.com

IN A

54.205.171.68

sync.srv.stackadapt.com

IN A

54.156.231.188

sync.srv.stackadapt.com

IN A

54.160.228.160

sync.srv.stackadapt.com

IN A

54.166.93.240

sync.srv.stackadapt.com

IN A

52.73.22.46

sync.srv.stackadapt.com

IN A

54.174.97.40
DNS

usersync.gumgum.com

msedge.exe

Remote address:

8.8.8.8:53

Request

usersync.gumgum.com

IN A

Response

usersync.gumgum.com

IN A

34.247.233.198

usersync.gumgum.com

IN A

52.210.15.1

usersync.gumgum.com

IN A

34.247.205.196
DNS

usersync.gumgum.com

msedge.exe

Remote address:

8.8.8.8:53

Request

usersync.gumgum.com

IN A
DNS

x.bidswitch.net

msedge.exe

Remote address:

8.8.8.8:53

Request

x.bidswitch.net

IN A

Response

x.bidswitch.net

IN CNAME

user-data-eu.bidswitch.net

user-data-eu.bidswitch.net

IN A

35.214.149.91
DNS

x.bidswitch.net

msedge.exe

Remote address:

8.8.8.8:53

Request

x.bidswitch.net

IN A

Response

x.bidswitch.net

IN CNAME

user-data-eu.bidswitch.net

user-data-eu.bidswitch.net

IN A

35.214.149.91
DNS

p.rfihub.com

msedge.exe

Remote address:

8.8.8.8:53

Request

p.rfihub.com

IN A

Response

p.rfihub.com

IN CNAME

a.rfihub.com

a.rfihub.com

IN CNAME

a.rfihub.com.akadns.net

a.rfihub.com.akadns.net

IN CNAME

a-emea.rfihub.com.akadns.net

a-emea.rfihub.com.akadns.net

IN A

193.0.160.131
DNS

p.rfihub.com

msedge.exe

Remote address:

8.8.8.8:53

Request

p.rfihub.com

IN A

Response

p.rfihub.com

IN CNAME

a.rfihub.com

a.rfihub.com

IN CNAME

a.rfihub.com.akadns.net

a.rfihub.com.akadns.net

IN CNAME

a-emea.rfihub.com.akadns.net

a-emea.rfihub.com.akadns.net

IN A

193.0.160.130
DNS

pixel-sync.sitescout.com

msedge.exe

Remote address:

8.8.8.8:53

Request

pixel-sync.sitescout.com

IN A

Response

pixel-sync.sitescout.com

IN A

34.36.216.150
DNS

pixel-sync.sitescout.com

msedge.exe

Remote address:

8.8.8.8:53

Request

pixel-sync.sitescout.com

IN A

Response

pixel-sync.sitescout.com

IN A

34.36.216.150
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=b39556179e&gdpr=0&gdpr_consent=

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=b39556179e&gdpr=0&gdpr_consent= HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:16 GMT
content-type: image/gif
content-length: 70
server: Kestrel
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:18 GMT
content-type: image/gif
content-length: 70
server: Kestrel
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:19 GMT
content-type: image/gif
content-length: 70
server: Kestrel
GET

https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/rid?ttd_pid=prebid&fmt=json HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://s.0cf.io
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://s.0cf.io/?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&bidid=321206534-19072067-24490-0&id=191beab17e050a2&uid=
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: application/json
server: Kestrel
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
access-control-allow-origin: https://s.0cf.io
cache-control: private
expires: Sat, 13 Apr 2024 21:02:20 GMT
vary: Origin
content-encoding: gzip
vary: Accept-Encoding
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: image/gif
content-length: 70
server: Kestrel
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:23 GMT
content-type: image/gif
content-length: 70
server: Kestrel
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:54 GMT
content-type: image/gif
content-length: 70
server: Kestrel
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:56 GMT
content-type: image/gif
content-length: 70
server: Kestrel
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:57 GMT
content-type: image/gif
content-length: 70
server: Kestrel
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:58 GMT
content-type: image/gif
content-length: 70
server: Kestrel
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:23 GMT
content-type: image/gif
content-length: 70
server: Kestrel
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:25 GMT
content-type: image/gif
content-length: 70
server: Kestrel
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:25 GMT
content-type: image/gif
content-length: 70
server: Kestrel
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:29 GMT
content-type: image/gif
content-length: 70
server: Kestrel
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:31 GMT
content-type: image/gif
content-length: 70
server: Kestrel
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:55 GMT
content-type: image/gif
content-length: 70
server: Kestrel
GET

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.223.40.198:443

Request

GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP/2.0
host: match.adsrvr.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:58 GMT
content-type: image/gif
content-length: 70
server: Kestrel
DNS

g2.gumgum.com

msedge.exe

Remote address:

8.8.8.8:53

Request

g2.gumgum.com

IN A

Response

g2.gumgum.com

IN A

52.215.125.147

g2.gumgum.com

IN A

52.51.111.200

g2.gumgum.com

IN A

79.125.101.2

g2.gumgum.com

IN A

54.220.54.244

g2.gumgum.com

IN A

52.208.188.224

g2.gumgum.com

IN A

52.211.35.42

g2.gumgum.com

IN A

52.213.137.156

g2.gumgum.com

IN A

52.19.81.220
DNS

g2.gumgum.com

msedge.exe

Remote address:

8.8.8.8:53

Request

g2.gumgum.com

IN A

Response

g2.gumgum.com

IN A

52.19.81.220

g2.gumgum.com

IN A

52.213.137.156

g2.gumgum.com

IN A

34.252.204.17

g2.gumgum.com

IN A

52.215.125.147

g2.gumgum.com

IN A

52.51.111.200

g2.gumgum.com

IN A

52.208.188.224

g2.gumgum.com

IN A

79.125.101.2

g2.gumgum.com

IN A

54.220.54.244
DNS

onetag-sys.com

msedge.exe

Remote address:

8.8.8.8:53

Request

onetag-sys.com

IN A

Response

onetag-sys.com

IN A

51.75.86.98

onetag-sys.com

IN A

51.89.9.251

onetag-sys.com

IN A

51.89.9.254

onetag-sys.com

IN A

51.38.120.206

onetag-sys.com

IN A

51.89.9.253

onetag-sys.com

IN A

51.89.9.252
DNS

ssbsync.smartadserver.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ssbsync.smartadserver.com

IN A

Response

ssbsync.smartadserver.com

IN CNAME

ssbsync-geo.smartadserver.com

ssbsync-geo.smartadserver.com

IN CNAME

usersync-geo-global.usersync-prod-sas.akadns.net

usersync-geo-global.usersync-prod-sas.akadns.net

IN CNAME

ssbsync-euw1.smartadserver.com

ssbsync-euw1.smartadserver.com

IN A

81.17.55.170

ssbsync-euw1.smartadserver.com

IN A

89.149.192.196

ssbsync-euw1.smartadserver.com

IN A

89.149.192.197

ssbsync-euw1.smartadserver.com

IN A

81.17.55.171

ssbsync-euw1.smartadserver.com

IN A

89.149.192.244

ssbsync-euw1.smartadserver.com

IN A

89.149.192.245

ssbsync-euw1.smartadserver.com

IN A

89.149.192.75

ssbsync-euw1.smartadserver.com

IN A

81.17.55.123

ssbsync-euw1.smartadserver.com

IN A

81.17.55.108

ssbsync-euw1.smartadserver.com

IN A

81.17.55.109

ssbsync-euw1.smartadserver.com

IN A

81.17.55.122

ssbsync-euw1.smartadserver.com

IN A

89.149.192.76
DNS

ssum-sec.casalemedia.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ssum-sec.casalemedia.com

IN A

Response

ssum-sec.casalemedia.com

IN A

104.18.36.155

ssum-sec.casalemedia.com

IN A

172.64.151.101
DNS

secure-assets.rubiconproject.com

msedge.exe

Remote address:

8.8.8.8:53

Request

secure-assets.rubiconproject.com

IN A

Response

secure-assets.rubiconproject.com

IN CNAME

digicertwc.rubiconproject.com.edgekey.net

digicertwc.rubiconproject.com.edgekey.net

IN CNAME

e8960.e2.akamaiedge.net

e8960.e2.akamaiedge.net

IN A

23.215.239.190
DNS

cs-rtb.minutemedia-prebid.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cs-rtb.minutemedia-prebid.com

IN A

Response

cs-rtb.minutemedia-prebid.com

IN CNAME

dheoaz9svaqd1.cloudfront.net

dheoaz9svaqd1.cloudfront.net

IN A

18.172.153.47

dheoaz9svaqd1.cloudfront.net

IN A

18.172.153.58

dheoaz9svaqd1.cloudfront.net

IN A

18.172.153.61

dheoaz9svaqd1.cloudfront.net

IN A

18.172.153.123
GET

https://p.rfihub.com/cm?pub=35683&in=1

msedge.exe

Remote address:

193.0.160.131:443

Request

GET /cm?pub=35683&in=1 HTTP/1.1
Host: p.rfihub.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.unknowncheats.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Date: Thu, 14 Mar 2024 21:02:17 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: ruds=H4sIAAAAAAAA_-MSNjU0MTQyNLAwNgCSpibmBmZmQnyGumVRAWblxRbmIfkGmQBrAhYeJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0MTQyNLAwNgCSpibmBmZmQnyGumVRAWblxRbmIfkGmQBrAhYeJQAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 8 Apr 2025 21:02:17 GMT; Secure; SameSite=None
Set-Cookie: eud=H4sIAAAAAAAA_1slymtobmhgYmpgaGxuZmoCAFjbN1kQAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 8 Apr 2025 21:02:17 GMT; Secure; SameSite=None
Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5141210830210547066
Content-Length: 0
Server: Jetty(9.4.51.v20230217)
GET

https://p.rfihub.com/cm?pub=44007&in=1

msedge.exe

Remote address:

193.0.160.131:443

Request

GET /cm?pub=44007&in=1 HTTP/1.1
Host: p.rfihub.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://public.servenobid.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Date: Thu, 14 Mar 2024 21:02:19 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjYwNTU3NTExNRDiM9QNcwo1c_MqCos0DvEBAKlzkhQlAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 8 Apr 2025 21:02:19 GMT; Secure; SameSite=None
Set-Cookie: eud=H4sIAAAAAAAA_zslzmtobmhgYmpgaGxpYGoIAEAYyFwQAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 8 Apr 2025 21:02:19 GMT; Secure; SameSite=None
Set-Cookie: ruds=H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjYwNTU3NTExNRDiM9QNcwo1c_MqCos0DvEBAKlzkhQlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://ads.servenobid.com/sync?pid=324&uid=5107433833055754450
Content-Length: 0
Server: Jetty(9.4.51.v20230217)
DNS

sync.adkernel.com

msedge.exe

Remote address:

8.8.8.8:53

Request

sync.adkernel.com

IN A

Response

sync.adkernel.com

IN CNAME

1.cpm.ak-is2.net

1.cpm.ak-is2.net

IN A

77.245.57.72
GET

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.unknowncheats.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Server: nginx
Date: Thu, 14 Mar 2024 21:02:17 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Location: https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
Set-Cookie: tuuid=17541efe-9627-44f3-a416-8acb291e990f; path=/; expires=Fri, 14-Mar-2025 21:02:17 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: c=1710450137; path=/; expires=Fri, 14-Mar-2025 21:02:17 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: tuuid_lu=1710450137; path=/; expires=Fri, 14-Mar-2025 21:02:17 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: c=1710450137; path=/; expires=Fri, 14-Mar-2025 21:02:17 GMT; domain=.bidswitch.net; samesite=none; secure
GET

https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.unknowncheats.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:02:17 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_bafd225f-69ab-4af2-b288-ccd95597959c&gdpr=0&gdpr_consent=&us_privacy=1---

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=gumgum2&user_id=e_bafd225f-69ab-4af2-b288-ccd95597959c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://g2.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:02:17 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_42b4f343-c748-4a1c-af2d-c580b1cb3a8b&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=gumgum2&user_id=e_42b4f343-c748-4a1c-af2d-c580b1cb3a8b&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:02:20 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9325befe-7c61-44f2-a2c3-d8e0df605064&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=gumgum2&user_id=e_9325befe-7c61-44f2-a2c3-d8e0df605064&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:02:21 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_b14c2044-9b0e-47c5-a311-93f487bb056b&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=gumgum2&user_id=e_b14c2044-9b0e-47c5-a311-93f487bb056b&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Server: nginx
Date: Thu, 14 Mar 2024 21:02:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Location: https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_b14c2044-9b0e-47c5-a311-93f487bb056b&gdpr=0&gdpr_consent=0&us_privacy=
Set-Cookie: tuuid=8ae5b835-8042-4963-b551-a9c7e3917008; path=/; expires=Fri, 14-Mar-2025 21:02:23 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: c=1710450143; path=/; expires=Fri, 14-Mar-2025 21:02:23 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: tuuid_lu=1710450143; path=/; expires=Fri, 14-Mar-2025 21:02:23 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: c=1710450143; path=/; expires=Fri, 14-Mar-2025 21:02:23 GMT; domain=.bidswitch.net; samesite=none; secure
GET

https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_b14c2044-9b0e-47c5-a311-93f487bb056b&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /ul_cb/sync?ssp=gumgum2&user_id=e_b14c2044-9b0e-47c5-a311-93f487bb056b&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:02:23 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d60c189c-d45a-4e99-8049-15696e9ce271&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=gumgum2&user_id=e_d60c189c-d45a-4e99-8049-15696e9ce271&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Server: nginx
Date: Thu, 14 Mar 2024 21:02:54 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Location: https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_d60c189c-d45a-4e99-8049-15696e9ce271&gdpr=0&gdpr_consent=0&us_privacy=
Set-Cookie: tuuid=ebcb87ae-383b-4c23-a90e-809ac5dc6f7b; path=/; expires=Fri, 14-Mar-2025 21:02:54 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: c=1710450174; path=/; expires=Fri, 14-Mar-2025 21:02:54 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: tuuid_lu=1710450174; path=/; expires=Fri, 14-Mar-2025 21:02:54 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: c=1710450174; path=/; expires=Fri, 14-Mar-2025 21:02:54 GMT; domain=.bidswitch.net; samesite=none; secure
GET

https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_d60c189c-d45a-4e99-8049-15696e9ce271&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /ul_cb/sync?ssp=gumgum2&user_id=e_d60c189c-d45a-4e99-8049-15696e9ce271&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:02:55 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_08e2a7d8-e9ec-49e3-a0d9-bbc73f0a29f4&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=gumgum2&user_id=e_08e2a7d8-e9ec-49e3-a0d9-bbc73f0a29f4&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:02:56 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_0b60f980-b2dd-40ef-b061-b53e0d41f79e&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=gumgum2&user_id=e_0b60f980-b2dd-40ef-b061-b53e0d41f79e&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:02:57 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_00e8c282-3417-4f43-a7a4-9c1df91e75da&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=gumgum2&user_id=e_00e8c282-3417-4f43-a7a4-9c1df91e75da&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:02:58 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2fbce7b6-2b74-4d62-a9b7-729791e5b5db&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=gumgum2&user_id=e_2fbce7b6-2b74-4d62-a9b7-729791e5b5db&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Server: nginx
Date: Thu, 14 Mar 2024 21:03:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Location: https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_2fbce7b6-2b74-4d62-a9b7-729791e5b5db&gdpr=0&gdpr_consent=0&us_privacy=
Set-Cookie: tuuid=2eb713c7-b07d-4ccc-91cb-b9abfcacedc6; path=/; expires=Fri, 14-Mar-2025 21:03:23 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: c=1710450203; path=/; expires=Fri, 14-Mar-2025 21:03:23 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: tuuid_lu=1710450203; path=/; expires=Fri, 14-Mar-2025 21:03:23 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: c=1710450203; path=/; expires=Fri, 14-Mar-2025 21:03:23 GMT; domain=.bidswitch.net; samesite=none; secure
GET

https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_2fbce7b6-2b74-4d62-a9b7-729791e5b5db&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /ul_cb/sync?ssp=gumgum2&user_id=e_2fbce7b6-2b74-4d62-a9b7-729791e5b5db&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:03:23 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a631c396-5fc4-4378-9bc9-b31449734366&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=gumgum2&user_id=e_a631c396-5fc4-4378-9bc9-b31449734366&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:03:25 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d64428ec-54ce-4a48-8237-110549aba0a4&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=gumgum2&user_id=e_d64428ec-54ce-4a48-8237-110549aba0a4&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:03:25 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_560adcd9-e34a-45f1-8e0d-6ad0ce04a047&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=gumgum2&user_id=e_560adcd9-e34a-45f1-8e0d-6ad0ce04a047&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Server: nginx
Date: Thu, 14 Mar 2024 21:03:29 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Location: https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_560adcd9-e34a-45f1-8e0d-6ad0ce04a047&gdpr=0&gdpr_consent=0&us_privacy=
Set-Cookie: tuuid=f9aa67fa-1543-400d-a23b-d3d88f3c6937; path=/; expires=Fri, 14-Mar-2025 21:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: c=1710450209; path=/; expires=Fri, 14-Mar-2025 21:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: tuuid_lu=1710450209; path=/; expires=Fri, 14-Mar-2025 21:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: c=1710450209; path=/; expires=Fri, 14-Mar-2025 21:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
GET

https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_560adcd9-e34a-45f1-8e0d-6ad0ce04a047&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /ul_cb/sync?ssp=gumgum2&user_id=e_560adcd9-e34a-45f1-8e0d-6ad0ce04a047&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:03:31 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_238c96d0-080b-464b-9819-02649520a263&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=gumgum2&user_id=e_238c96d0-080b-464b-9819-02649520a263&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:03:32 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_113e3891-95fe-483c-bcf7-92df15b25d19&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=gumgum2&user_id=e_113e3891-95fe-483c-bcf7-92df15b25d19&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Server: nginx
Date: Thu, 14 Mar 2024 21:03:55 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Location: https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_113e3891-95fe-483c-bcf7-92df15b25d19&gdpr=0&gdpr_consent=0&us_privacy=
Set-Cookie: tuuid=1acd8f66-aa85-40ce-a927-47e6d80d249b; path=/; expires=Fri, 14-Mar-2025 21:03:55 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: c=1710450235; path=/; expires=Fri, 14-Mar-2025 21:03:55 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: tuuid_lu=1710450235; path=/; expires=Fri, 14-Mar-2025 21:03:55 GMT; domain=.bidswitch.net; samesite=none; secure
Set-Cookie: c=1710450235; path=/; expires=Fri, 14-Mar-2025 21:03:55 GMT; domain=.bidswitch.net; samesite=none; secure
GET

https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_113e3891-95fe-483c-bcf7-92df15b25d19&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /ul_cb/sync?ssp=gumgum2&user_id=e_113e3891-95fe-483c-bcf7-92df15b25d19&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:03:56 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_79532521-4522-4ff1-9348-e8c7e721f1ba&gdpr=0&gdpr_consent=0&us_privacy=

msedge.exe

Remote address:

35.214.149.91:443

Request

GET /sync?ssp=gumgum2&user_id=e_79532521-4522-4ff1-9348-e8c7e721f1ba&gdpr=0&gdpr_consent=0&us_privacy= HTTP/1.1
Host: x.bidswitch.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:03:58 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
GET

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent=

msedge.exe

Remote address:

34.36.216.150:443

Request

GET /dmp/pixelSync?nid=140&gdpr=0&gdpr_consent= HTTP/2.0
host: pixel-sync.sitescout.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east

msedge.exe

Remote address:

23.215.239.190:443

Request

GET /utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP/2.0
host: secure-assets.rubiconproject.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
date: Thu, 14 Mar 2024 21:02:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
GET

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum

msedge.exe

Remote address:

23.215.239.190:443

Request

GET /utils/xapi/multi-sync.html?p=gumgum HTTP/2.0
host: secure-assets.rubiconproject.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=gumgum
date: Thu, 14 Mar 2024 21:02:18 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
GET

https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D

msedge.exe

Remote address:

18.172.153.47:443

Request

GET /sync-iframe?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D HTTP/2.0
host: cs-rtb.minutemedia-prebid.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:17 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
x-cache: Miss from cloudfront
via: 1.1 0766d8e708a5a741c4b092a9b750695a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P5
x-amz-cf-id: OIia5P0t-ceCA9sYueh0ymJZqWzCmSXLXIr9fUh_-pTMCiHNZzFY-w==
GET

https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&

msedge.exe

Remote address:

77.245.57.72:443

Request

GET /user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-& HTTP/1.1
Host: sync.adkernel.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://public.servenobid.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 14 Mar 2024 21:02:17 GMT
Content-Length: 0
Connection: close
Cache-Control: no-store
GET

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP/2.0
host: ssum-sec.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:17 GMT
content-length: 0
location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
cf-ray: 8647342d6fa27786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNl2bmqPnoAAEWHAM4BrgAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:02:17 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=5100; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:17 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=5100; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:17 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ValuSs%2Br8krC8hUseghGukRl2%2BzzwLD%2Ff%2BBNi3FmPb9%2FOAz73HCMylsSDlYWlJl794FcaBMYdt%2FlVu85H7EbvqwXXPkWXd%2BntzllZlKgaKWpsoUM8fN7jcenvaKB2pa%2FH%2BMA7fc29yDWJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1 HTTP/2.0
host: ssum-sec.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:17 GMT
content-type: text/html
cf-ray: 8647342de83a7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d2MS5XDjA%2Bx3pUj%2Fu8UnpECpMJIzYZQdpT9Soj%2BMlRT05LIENos9hEVRUZxU6hT4SoHVa%2BhIWxslcUfGWTFplBsdTvgYr3WmRd4IYwqVC5PAVKamP5JD129wpLwmOEsHyblQfultE9Czpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:18 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864734358b647786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNl2rmqPzgAAHK.AM3HwwAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:02:18 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=4344; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:18 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=4344; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:18 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfPszfTrq7fROkAIKBDSWrWmV%2BvYgsMxWoSmvWEcQ6ONoNvFGT0Sun9Wd8j%2Bpk%2BvhdlOdcJYma37r1V0FndjcDHxLG9fdrokz2XAiIzSc%2BDxo0P7hJEbZlG9DHlJe14l56E7IitB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:18 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864734365c837786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U8opKdr7GI4UNgp9HWoygfFcu6A52wWDNQQw3XAqVbvfXTlbxKE8EKCyRT8byp0p%2F%2FW7MukcYlX6%2FjESjgEFf%2Ba5sMSSqgS0wIsnavyxRtIvNcLth7vra6CqCv%2BjjeJnn5HWALFv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:20 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 8647343f9fd37786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNl3LlQJeAAAGJpAHJDKwAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:02:20 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=5115; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:20 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=5115; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:20 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z0q%2FM7d83FWDDC1x2iOOqBINPD26hErMsUvJFnsqgQ2IVmQX%2FpTQ8Vecz8yAo1wu42z8LN7ksRRQhOt%2BlIf2mB26tDunGg%2B%2FougNMdhOnA2R7GbL%2FJAwrQu%2FBn0Z%2B0ii7bkIrrO6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:20 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 86473441da937786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LCXAO1ihKha4mJ2rZ%2BjvKqO9H5raj%2Fpzd7HFytVH2TxecTZmUWuEWxAaCt%2FWhP8kRyA39Xu0JyhGc3rKWNHxLhjyR0A0GPEGwUgEs8J60Oj97q2kc2kK1gYFsjvGolhONcJX7LpA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:21 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 86473448b9fe7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNl3bmqPyEAAC4QAMz1pAAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:02:21 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=4321; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:21 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=4321; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:21 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jPJcrHE89C4kc92OWBayMko3joK5JSpUqxxb426iKNWrRIPNVseGe1isoSvb%2BWMyB2bacpYuHB43y%2FRwrt0KtpRJinVizsmBE2GZQYhHfB2TZqtrg%2BYki%2FGjtlvCDHyxNn7XuWr0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:21 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 8647344b4ce77786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FHsNZ2CzN0dptl%2FU3zaJbkXQDoSjRwqZU3i7p0Z2a2ZN8dXfiwZMCP8XHfjAhAPUkjgXEH5dXfwbyFG3aeOucxqjaBW0YD2KhwOOZWhuqt%2Bh%2FnKymSxJREb6PD1g7gBk9FnEFlcw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:51 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 86473505bb757786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNl.7lQJKAAAGRIAHGwhwAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:02:51 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=210; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:51 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=210; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:51 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BMvMpAHn4vrZt2BELEiSqMHWNJ%2Bh4SYfKvXEczg7iBlFt%2FYqL2G7j9enuztPU4CJa98auTKoSW51Mro8637jOJYhU1xzpDAOGQlP%2Bxz8vfQmdWPSaoQUte6Hu6w0Qvuiu06xhwNn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:51 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864735063bf87786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vi0%2BlQITzHYm2g4FX%2FurxqNISYJvNTqf4aVus2VSqf%2BD4yvlZ94gRNBPnV3R%2F%2BJa13%2B9Ev6mzdohgwZSVio%2B%2F%2FnCRjUkGIrwRhK%2B1tm63AJNUvRMNSmYr%2Bgk4JXJSeG0JFtrZpbn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:52 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 8647350b292f7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNl-LmqPrcAAAmnAM3v6wAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:02:52 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=4441; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:52 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=4441; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:52 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gh39SYqytNUi%2BEwcjc27wJ2Hnm1J7%2Bl7ttyqL%2FnO3C1pqrkqjvzffu5Jwh1YTeaG%2BguqKq96fDzhA4RKkkJISLzzN9lMri0tVOBDLwPvHZHqbryWQhe8TQL40Obe9aqBMgKh9MXV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:52 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 8647350bda8c7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OYqFWhHB1BwEV2KuZBaAWJ2tWyNcnsqQR2SkaD%2FajW66gSbXsiZfljw4RPinzfiEBIFUJGE7ONAkLGkpKSsMIWdT5XMfFtRFjkvD5O4rOuFdr9%2BWUTH73dAyCOxkL%2BvzQUn5NCw4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:53 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 8647350ece2f7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNl-blQJdIAAEuIAHJO-gAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:02:53 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=5101; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:53 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=5101; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:53 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V7GcjqXFlPEdCzKJj5BsfjfJL4omJBtsspBtwKiNj2cuO6ZfpuYjlSxLaOt8bQpRuvJxSvcyyq%2FC%2BCUHYCi2Mui0I96%2Bhh%2FlMvYdAhCrgBded3TUIpPxXcd%2B2WO7d0zUPr8GKK%2BA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:53 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 8647350f6eed7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4of6S57%2FDySu5g2O8rxBEdmrk07Gb4TGHe0shzHY8v4N%2F77oFUViORdfrYYzLApSlTHNJluHLuyQZyxRKa5kslsuinoE6S5gIV6vyYiYrhZAw7Sjj2sfLrIknueNzBaxuI7xOVaD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:55 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 8647351b4d517786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNl-7lQJdUAACDbAJJLlAAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:02:55 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=5104; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:55 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=5104; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:55 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FuoLBp%2BLlJgTlDpTwsQJfkvVu2Qbw%2B2OXl%2FQT6jagvsbwMxArxDxCQdFm4FGFiNhCg2MkKR8v5Dx7r9S5wwfve8evamrh9Hk4lJfPA0BQk2D9mu5ePTDkaSZcBPjHv07fxF0UGhF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:55 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 8647351e29787786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNl-7mqP2cAADrTAM5ibgAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:02:55 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=4511; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:55 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=4511; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:55 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJD5tPgNE65HbRhVfdtjNdzc8k4dB840mo3P45FHlUFTTkpyulDoZsJ8UoK74ZJMYVuP9rCPEPsnJ97485WVQjYRQRvUs75LG%2F5%2FhH2grM0hhePLzyOPGL5%2Fbpryqaw%2FmTder4I8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:56 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864735205bdb7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5VyppGfA86moqM9Ie8uIA4K2rTJtIFRClOwq67zQH7G92PUISp5rnjz6irSB5pV%2BIPs4kqsc5fY4ZH7FhP8W09PjtVr3M0HLkZlh6KCBSbPcadphfqVHng8guQ5sQ4fyV7HvDz%2FL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:58 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 8647352cec457786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SpNUN7BT0F2iTCVrG9NSCMZ2HWELY%2FfNA4IVOflPnJSW7GtFANyGP9h8O2y7EnsyiuUZGcQim2u0vSBqiZVkb2uR06caL52tIECjJgcoQ5I7KU0kdQz%2FTsjN5Gt%2BOVIHRPSyNbKv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:58 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 8647352cec477786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmArlQJLkAAFUvAHJmvQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:02:58 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=235; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:58 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=235; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:02:58 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9l%2BWa6IW8f5f3s1pfxt3fOY8xgarFInixv%2F%2BMOLql3JEPdVpfhTIGfzKToUIm4xN0BWkpN1XGSl4H4I9h7r%2FYYR1UUbmIoKoMxKX5h2UxBxS5aB3AfvoC%2Fl6k1q57F6cihnhH4E3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:58 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 8647352d5ccb7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nYx%2F0L14fzjtvZydn7hNKy7COrIyyINtLbxeTpL%2ByFn%2FZGFXSnLHYi8sZNIUv67MomE46%2BnOuMdhoLKPg1b%2BvSb0PZY4AYZ%2Fn%2B91hvOzU8ceKu%2BbfwAe9d0u1CpxK2hVhEfLYvix"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:21 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864735c11b7b7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmGbmqP1AAAGQWAM6svgAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:03:21 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=4488; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:21 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=4488; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:21 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCMLXIr0OFW9H6Yll6XyR9%2BC%2FQoWBMFeJIz8kZHJyZgcSUW4WP124X97Y3t3IYfVl6bM%2F3Zhwh0DMR242bUkt4gj2Sc%2FuZfq7v1RjP3EMKW8sBP%2Bxw8iNxyjcrYl86C2yaDbc327"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:21 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864735c19c217786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EezDMXpTTAD%2Bhp81t2iLhSgyi1MlmCREISFaIjbDg814qZ6rLps83z923091yC13qT7kuqMK7l4fE9lk2VHa%2BLV8KnAabxZF3Ce20fD%2FTOPjSMz%2B%2F%2F0ELXTkREW6MM6CRUmdHduz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:22 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864735c47f6b7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmGrmqPngAABCOAM2yzQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:03:22 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=5098; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:22 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=5098; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:22 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gQARs0g0OHt3lQwTJFKKsii5A%2F%2FZSK95L8vFck17AjK%2FbcOsUUgjMfQGvFIdAggVA%2Bq89tgoLzHIBWcRW%2FaJvIiZJ%2FvX%2FGKIRhi2h1Vx2KZryapREus0%2FdMDODrtkE2e7xE1l0pG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:22 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864735c4efda7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rv3YqR6HKZagQbmsRSvTW0giY3GNF57v0wwpvVGr2Ri3eScy7U%2Fhbe5ogWkVp%2FoWjJS8kVTs3V%2BFUKx5o2OPTVHz6ooyeBb8spigjCE8pnRkLOHnVVYHBuA9qGlUS0P45YuwNsEO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:22 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864735c78a5d7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmGlVbL4sAAGCcAM09zgAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:03:22 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=1868; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:22 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=1868; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:22 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VeBBOPUnV%2B09J9V5U%2FhPvT8nOSDh3fJCvQosdOGFj%2BEONyUVgA3OxH847WIVrnzT%2BUD2gsBaJHIw9uoWKOAodPrjq1L9D4KQM2eogaBxXyffof9mQKQs6wdmUAJUhXHR5yjiFPIv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:22 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864735c81ada7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V4%2F%2Fv2DSnj1jYX0KMYOaJpCBskizY9n9yF1Wj98m5TDxWi3DufMIPlB0dnGW0D1%2BOcrLTMi77KA30%2BCP9vuUU%2FoJbtSpxIKeaYnladgIGVDyrJqK0udryrv3QDKI%2FCqbv0EmZP49"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:23 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864735cb8ece7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmG7mqPrQAAEEsAM5XSQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:03:23 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=4408; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:23 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=4408; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:23 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iGPSuYPqoK8Q0%2FNNU%2FX0pllrastGxYRL5YcAhc8idRVbDppE4PTCc4maw0sNxiOOE5tg15559aCb%2FA6MCcCQ3q%2B%2BPl1G6Tc6f13G%2BYv4PmPSi6Cs5%2BkZ%2BHXpcNqsXoXp7nutbXqa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:23 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864735cc0f797786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iyGoAuOTmzzjYrdXo54oqk%2BABFQk7Doa80KO5pjyhJhzAq7sxo49vm8S2bY3trqqQjyYRbwh0S5CvX2QSkaNPPAFkW%2BLx8drMRJofkqU9hA02q1Lo3HAJpIppjA5V12ORtj%2BM5Ip"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:24 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864735cffc337786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmHFVbL44AAGT3AM2STgAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:03:24 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=1871; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:24 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=1871; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:24 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2BwtkAK%2BqfNhuqhMPGfQqrdBy9bboe%2FEGvS4stfb4YhfPFwopdyxt06UaHvwEuPW4JakThUe1PFT5R5qEyNBYaQ0WM1HqnIXFFEKzsk%2BvhGKVOwNH8OkCfUjTrO5qY6p4QJyIjuo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:24 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864735d0ad077786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3BBSz3%2FZ7qHLA%2FZzCVngzaKOd8RlXeHwdBrtSFaQ9jTUrrZBjTNGZxoNR3JXIsBqzA%2ByYArDKB78Ct9zAclFsn6eWu9RBZPtgy1dVD2Xf2frdmzBcqcomfkmVVKNNjvFVxLuBTA1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:25 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864735d56aad7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmHbmqPpwAAC.LAM1plwAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:03:25 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=4384; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:25 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=4384; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:25 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RoqwWrdZGmX80pQ%2BaxAeQ58xcvki3MB5d93dsgqDbgiGZCcbsIQdm3wctMIt51K1jyFQNhvAev%2ByzNeFRLSiTKZRPwnEgpeXefvtfwWI1mAnjrhm2oDOGJR%2F0t292Qa9QjhnnbuD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:26 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864735e04ff87786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RRK1KNDk4h7eDsku%2BYrglZWCV9xF%2BhGGA4eCFpEgR21t0jYPpUtyY6rc91RFZcf2Wl2pmmqe0IetWlt40ddY%2BB5p1unIkeWV%2FejzdnQdDksAMNMlBDwO2zbGrVtiwuLxv5x1e4pK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:26 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864735e04ffc7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmHlVbL3wAADRdAM0QBQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:03:26 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=1853; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:26 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=1853; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:26 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eA1Z%2BsKMBA%2FdIA1usVPdGJDAU0bKqOpKyBMnh9Dx7S3646R53mSBRpmp9VXvHzaQgYflryquamCjLmxQk8jjFcwTHnpgzpUSz9JC%2BkMX5m7N%2FPZAMI6NIXhJMonXZk0OljZlBWyG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:27 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864735e749127786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2B%2B0LxBv1PcHY2wD0J4dbj8PNxGWVKThCCrGwomq9umubBKrBYRmVIuKsffCV5sM6fw%2FR%2BLkmMKP4rExUl%2FzbdlFya20viY8NKa8Xvl%2BzVz5GZXgWPOPQoSdUQO6xAtobOvdF8%2FZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:27 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864735e749157786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmH7lQJL8AADuWAHKicwAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:03:27 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=241; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:27 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=241; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:27 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rPTESrjnA%2BWxaugGfFFPLiLzamOYUuVWIzFo5W5UG3Gf9SNQ7kp5NMpYnEmDCpt%2Fpm9g1CM5OGq%2BPWJjY74i8fAc%2FPxJDoNIIm%2B4lGgewefgOCXYshsxgLiOMuSQ%2BWZ4qBnnbo9Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:27 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864735e7b9a37786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GefgMFdJDd58m1olxNCB%2Ft0%2FKv%2B6T3A2LzAir7cJUV8YO1w8fyH959jRQiWzcjbN71fc9R023c%2FoytIHzT%2B3BKbLwOGLehVcZOzLxpNrdDraGnZZMqzXMimWgIQ2E6gMw0SBltOG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:29 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864735ee8a627786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmIbmqPucAACImAM3XPgAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:03:29 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=4549; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:29 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=4549; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:29 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yI11I%2B8j5idn%2FYBR576E2yLam%2FbFpNlP9VzvJqDUuc2oSy8LEGR%2FzHxKIrYsg8lETa539xsyLUW9B%2FC2Kb57nE%2FpoWvm261%2FchBZfN2IwnDl%2F4Fc91xbIEFVC5zl4Z%2BBSnpdnCqC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:29 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864735ef7ba37786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3gwdcdjp8Ycn2FzbRIFv36Pyy3Bwccb3b3EmfgYqdnGBxdY4WGzILuBD%2FJkP9iRNzSjaADSsphtnWWkepZ7PnHAXZkzV0bLA1wiyOKapjuxw62hsjBJ2fSFaSDMK8u9%2FSZi8mM%2F9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:31 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864735fee8637786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmI1VbL3UAAHJwAM1wuQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:03:31 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=1846; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:31 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=1846; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:31 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXqGHWX5qpRgSae8VZtON%2FTb9pPE2D7vctLhng%2FzUh%2BWFyhw%2FGNqN2xKdpMQW3Wxe3r4aPRTRT8oQJZfiln0wtyAs7URfB%2BiGxPkFbiEQxEqX8t1DTYfYs8T6fgVY99B8qf5mA%2FG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:31 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864735ff79017786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2BtV0emGe5iLLILZ0f0vgBqfhByqVRq00UgfX3ev9OZwD%2BG0T7hz2WCoYDQcjzDPSwY%2BA4lUj7%2BHLF38QJxTAxQqOFqkS71t%2BxDB1anc6eRlWcODzdJXcmwMA7Yasse70lZ6YsYF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:51 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 8647367dcc607786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmN1VbL2gAAB2qAM0UNQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:03:51 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=1833; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:51 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=1833; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:51 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jDdf7Bn5Wp%2Fhxc9vHo3h8TqHVEH7ad6w74EIc964tVQDXih%2FG0Z56yYawgxOQcGUwQahd2ckN%2Be2Frx3sD2ZYpq6tes6pFHSxPNng3EevBB2vfm35PwovtEsj5FfPV7RSux46dib"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:52 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 86473680dfa57786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=839Q3sQDuBe93WDG%2BpAr03nFt7U%2Bp7YyN%2BIILhFfw7dQbXe6x1dRfrdEimJ6Uq%2BPc%2BewNGsOsd8vU68XWGq49Osdt9jF%2F7pUzLbGHRclKeRaUnBLmlI2pvg7d6kCLgLpiL6bEZg%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:53 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864736847b957786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmOblQJNIAAHCqAHF3XAAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:03:53 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=298; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:53 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=298; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:53 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z1d3%2FVXotw%2B9SSjakTrXbVZtFBW%2BxzyP3EcYBkRsEYzHvb%2F81uHOkWtz2Nr9kKE2ezbX18GSq0Qx1rNkDEfV6t26hhtD9Ylo4iDG0u12s1B4HDn5kgZ6Kvy9wL8lvL3NWa3a2A%2Bu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:53 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 86473684ec047786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4GosEz%2BFSj%2FiZyUCk47nZrK8eUW5wlgQYKpenpFmUbylMDFTBTZmvJdTQlATFnAsgZwm9335%2FK7xValHvd3bQSBx1XuBfDBQx24KHLu7uLp%2B9jYBs1XXA2DhtMipYdHky5QlIPve"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:54 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 8647368b5b367786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmOrmqPz8AAF2zAM6AMgAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:03:54 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=4471; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:54 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=4471; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:54 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WAELc9JANaQ8VdDHtmLRk662xEcVU0J4qpbrF0bWF4Met5F0s8yFIqOUwK4pFlmt7tCYFiqUnw5vesJOnkNzOzwx87gC1hvsn%2FH%2BlyrqTwNDTsW%2F%2FJtoL9ACtkYPz%2FSovgB5rw7i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:54 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 8647368bdbe67786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Kpa1C60SjMuPnaR2tfCiGfgu4YUgmP2RX141cRHlDEnsCoc0GoAZWVbCq7KV9lGFTiEUlCOZj7tntT3q7a8K6HDov1caQYQgHFum4T6jVfdo1Fluave8rhBDxkpKT6JfGSKnoCy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:56 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 8647369a9cf57786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmPLmqPsEAAAtmAM2qhQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:03:56 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=4451; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:56 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=4451; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:56 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2B8DeOOww8yVLbrZqT%2FxsWZ3Zp8Mwa3%2FlCsgRtmnpDU82oyOUxrGTzNyu%2BHvg1luC8qKVxNFIoHVSec%2F0aZUwR53FQ74AzOqeimj91slZjVwdGBRd52zku5ZzuNdBAzeqnAQap0P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:56 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 8647369b1d697786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gjvoXvUc2oe%2F4EpoOCWAYRGexVj8DZmV780hss9sJTZDr9Ua02%2B6nA%2BiIxGiZ%2F1IO6f%2BBmdVvbos5jY0H5oQcvAWU%2BeWJNPeUsyXz9Sn8Cm3N9tESvLOpK5Nx%2BYZ8RtvHb%2Fxq9ud"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:57 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864736a15c207786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmPblQJXQAADjuAHKWcAAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:03:57 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=324; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:57 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=324; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:03:57 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tiyORiXTf%2Fsk4hn%2BddoPcX0Lm8swzkhvOpakQgn1McAEOXzPhbub3FYQC%2BHfPULUoQ62AuFBJLAdqzFnqX4RXLlfvmWDFfCNaWmg2YeLni6d3iFQm7Vd2hcZVWLp1gXctmjHj1WP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:57 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864736a1dc937786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ZosHot1ZS16PO2qO%2FF3NQwmLFHOGum%2BZ71Ar3ZiSCSTNz3MEbQ5N9x2JQAmKsYTy3X6fPPGIIaCFJOvF0aPVvvrJitdvNwVa6NqxqxUAo75PXPo5J%2FcTHLaz4DVfw7Kt6xmRZ14"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:04:00 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864736b0fd547786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmQLlQJLEAAEOxAHHbRAAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:04:00 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=227; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:04:00 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=227; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:04:00 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yz2iBP1Q%2FQyKeLA6OFVDSH4J%2FO1%2FGVP%2Bp8KTvLjA3eqHSjUNTBJR4qrVw0qkrYNN%2FeCVQQUs7TK%2BDbM8oDa1Fh%2FrnDOCBNJuIWnns8Ue2L1nUax0PxMVBrtKFgoqYjXp2249%2BJSL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:04:00 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864736b18ddc7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DuzgjP5yN1vOxkCaACQEX4loGAFs4tHGn8n6tAFVxKk8CWbV5vQhF36RnaZWvIU4J7VnUWNDCC1iz6zTH%2BBsQwXg88IDSwDZqW8Gy8oDspOjYViQSzzMP0CWVkpN0kV6TYFQdppy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:04:00 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864736b519e97786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmQLmqPqoAACygAM0-XgAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:04:00 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=4398; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:04:00 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=4398; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:04:00 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AOWUUH%2BKXjxXKsuBpw85W40lr67DxBsL8CIzslYBsjY2QZoFPIisKIfjMGOmlDxSY%2FhI51pM3u9FyZCmFXv%2B7FHbfvHkMC4MgDs3X4uyyZe%2BiU1Ef9xh4v9QtbNktAaaw19%2BXSAp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:04:00 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864736b5aac17786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=llUxdSq7H03YMcMK%2FF8%2BULZgCECqptUb6P9gSpuBmN8Md9pXE8EOmuyIDEV3SHKXrkM%2Bo%2FBpW6zu4ikXhtndAxbSN7dMuFp3RJc2qN0R2mPTMzPylGQzLa9F61buweW5nAX3FEYt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D HTTP/2.0
host: ssum.casalemedia.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:04:01 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1
cf-ray: 864736bc1abf7786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZfNmQVVbL1oAAEqAAM0mYgAA; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Mar 2025 21:04:01 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=719; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:04:01 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=719; Path=/; Domain=casalemedia.com; Expires=Wed, 12 Jun 2024 21:04:01 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=flPgeGiE23LFpRTdCOs0xuNh3nLNuZfnO6LQRyOakKT%2B044Cvr99%2FYOz0PozVZfOcZ27pwwc0dPSEBU99mI7JeZlLzh2SoaAdeu0JXGZG4kt3Z5%2FAG9kB3v1o4R6CXR1QfU8TbnM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

msedge.exe

Remote address:

104.18.36.155:443

Request

GET /usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1 HTTP/2.0
host: ssum.casalemedia.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:04:02 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=74&uid=0
cf-ray: 864736bcbbb87786-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jGXTRBCZ2m4iXpX6iZIkZYNCEf5qKrOw6%2FRnfcVvc2NeAz3UGXAV25zzew8eeoKkt4CYK7%2BZgd4SghzJL8KGZTXwcWrg1o5j6%2FMgbLXV3mrWiw09g%2B7ZI577NM885ObmwU3UM2Q6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

msedge.exe

Remote address:

81.17.55.170:443

Request

GET /api/sync?callerId=9&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID HTTP/2.0
host: ssbsync.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:02:16 GMT
GET

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=

msedge.exe

Remote address:

81.17.55.170:443

Request

GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP/2.0
host: ssbsync.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:02:17 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=6229780957390024286
set-cookie: pid=6229780957390024286; expires=Mon, 14 Apr 2025 21:01:18 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

msedge.exe

Remote address:

81.17.55.170:443

Request

GET /api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP/2.0
host: ssbsync-global.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:02:19 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=82&uid=3986486978542153304
set-cookie: pid=3986486978542153304; expires=Mon, 14 Apr 2025 21:01:19 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

81.17.55.170:443

Request

GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP/2.0
host: ssbsync.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:02:19 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=2625197540751552148
set-cookie: pid=2625197540751552148; expires=Mon, 14 Apr 2025 21:01:20 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

msedge.exe

Remote address:

81.17.55.170:443

Request

GET /api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP/2.0
host: ssbsync-global.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:02:19 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=82&uid=8444586770350845683
set-cookie: pid=8444586770350845683; expires=Mon, 14 Apr 2025 21:01:20 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

81.17.55.170:443

Request

GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP/2.0
host: ssbsync.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:02:21 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=82&uid=4868367060037119734
set-cookie: pid=4868367060037119734; expires=Mon, 14 Apr 2025 21:01:22 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

msedge.exe

Remote address:

81.17.55.170:443

Request

GET /api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP/2.0
host: ssbsync-global.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:02:21 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=1847014831823629830
set-cookie: pid=1847014831823629830; expires=Mon, 14 Apr 2025 21:01:22 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

81.17.55.170:443

Request

GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP/2.0
host: ssbsync.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:02:22 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=5136342417665535719
set-cookie: pid=5136342417665535719; expires=Mon, 14 Apr 2025 21:01:23 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D HTTP/2.0
host: g2.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:17 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_bafd225f-69ab-4af2-b288-ccd95597959c; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:02:17 GMT; Path=/; Secure; SameSite=None
etag: W/"0ffbc6127a84f0b8077770b5cf08b699a"
timing-allow-origin: *
content-encoding: gzip
GET

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:18 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
GET

https://rtb.gumgum.com/usersync?b=pln&i=DBMDuObcjk7S&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usersync?b=pln&i=DBMDuObcjk7S&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:18 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_42b4f343-c748-4a1c-af2d-c580b1cb3a8b; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:02:18 GMT; Path=/; Secure; SameSite=None
etag: W/"01c826b370cea9d75840a431dd309b337"
timing-allow-origin: *
content-encoding: gzip
GET

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: W/"01c826b370cea9d75840a431dd309b337"

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_9325befe-7c61-44f2-a2c3-d8e0df605064; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:02:20 GMT; Path=/; Secure; SameSite=None
etag: W/"0c33c8e8fbeb237054350cc4d3f1f1279"
timing-allow-origin: *
content-encoding: gzip
GET

https://rtb.gumgum.com/usersync?b=pln&i=8otcXvUY5kcY&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usersync?b=pln&i=8otcXvUY5kcY&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
GET

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: W/"0c33c8e8fbeb237054350cc4d3f1f1279"

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:21 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_b14c2044-9b0e-47c5-a311-93f487bb056b; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:02:21 GMT; Path=/; Secure; SameSite=None
etag: W/"01b93c35978a014318f5574bae5f3bd03"
timing-allow-origin: *
content-encoding: gzip
GET

https://rtb.gumgum.com/usersync?b=pln&i=YhKT4jHOYqxa&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usersync?b=pln&i=YhKT4jHOYqxa&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
GET

https://rtb.gumgum.com/usersync?b=pln&i=F1Z5hkyNbVFL&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usersync?b=pln&i=F1Z5hkyNbVFL&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:23 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
GET

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: W/"01b93c35978a014318f5574bae5f3bd03"

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:53 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_d60c189c-d45a-4e99-8049-15696e9ce271; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:02:53 GMT; Path=/; Secure; SameSite=None
etag: W/"08f7b3cef5c20bc4038d7f9e562c91944"
timing-allow-origin: *
content-encoding: gzip
GET

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: W/"08f7b3cef5c20bc4038d7f9e562c91944"

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:54 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_08e2a7d8-e9ec-49e3-a0d9-bbc73f0a29f4; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:02:54 GMT; Path=/; Secure; SameSite=None
etag: W/"063cdea876ee8f6234f0cce90db2d02ee"
timing-allow-origin: *
content-encoding: gzip
GET

https://rtb.gumgum.com/usersync?b=pln&i=OH30ljVOIAKw&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usersync?b=pln&i=OH30ljVOIAKw&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:55 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
GET

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: W/"063cdea876ee8f6234f0cce90db2d02ee"

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:55 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_0b60f980-b2dd-40ef-b061-b53e0d41f79e; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:02:55 GMT; Path=/; Secure; SameSite=None
etag: W/"0afbb93d32d49bb75783b1807b827ced1"
timing-allow-origin: *
content-encoding: gzip
GET

https://rtb.gumgum.com/usersync?b=pln&i=Ufy9yNPYe3PQ&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usersync?b=pln&i=Ufy9yNPYe3PQ&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:56 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
GET

https://rtb.gumgum.com/usersync?b=pln&i=ItdmU9063xnj&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usersync?b=pln&i=ItdmU9063xnj&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:57 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
GET

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: W/"0afbb93d32d49bb75783b1807b827ced1"

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:57 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_00e8c282-3417-4f43-a7a4-9c1df91e75da; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:02:57 GMT; Path=/; Secure; SameSite=None
etag: W/"03c9cb3416eeaa125653fdd424b753008"
timing-allow-origin: *
content-encoding: gzip
GET

https://rtb.gumgum.com/usersync?b=pln&i=L0Bf73rJbi5M&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usersync?b=pln&i=L0Bf73rJbi5M&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:58 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
GET

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: W/"03c9cb3416eeaa125653fdd424b753008"

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:22 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_2fbce7b6-2b74-4d62-a9b7-729791e5b5db; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:03:22 GMT; Path=/; Secure; SameSite=None
etag: W/"0f3a745fc25b073098c71e99fa69cb5d4"
timing-allow-origin: *
content-encoding: gzip
GET

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: W/"0f3a745fc25b073098c71e99fa69cb5d4"

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:23 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_a631c396-5fc4-4378-9bc9-b31449734366; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:03:23 GMT; Path=/; Secure; SameSite=None
etag: W/"0d0e834986092bdf563e3db77aafd21b2"
timing-allow-origin: *
content-encoding: gzip
GET

https://rtb.gumgum.com/usersync?b=pln&i=izXJ73XKSLvs&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usersync?b=pln&i=izXJ73XKSLvs&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:24 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
GET

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: W/"0d0e834986092bdf563e3db77aafd21b2"

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:24 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_d64428ec-54ce-4a48-8237-110549aba0a4; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:03:24 GMT; Path=/; Secure; SameSite=None
etag: W/"0eb580f0f32e0ccc07981331695cea6e2"
timing-allow-origin: *
content-encoding: gzip
GET

https://rtb.gumgum.com/usersync?b=pln&i=SjniNnKYwa1T&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usersync?b=pln&i=SjniNnKYwa1T&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:25 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
GET

https://rtb.gumgum.com/usersync?b=pln&i=ihacTQoybGWj&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usersync?b=pln&i=ihacTQoybGWj&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:26 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
GET

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: W/"0eb580f0f32e0ccc07981331695cea6e2"

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:29 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_560adcd9-e34a-45f1-8e0d-6ad0ce04a047; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:03:29 GMT; Path=/; Secure; SameSite=None
etag: W/"049368db27440503a359005f5e3e8b047"
timing-allow-origin: *
content-encoding: gzip
GET

https://rtb.gumgum.com/usersync?b=pln&i=tZfjeiZg8Uf2&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usersync?b=pln&i=tZfjeiZg8Uf2&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:31 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
GET

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: W/"049368db27440503a359005f5e3e8b047"

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:31 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_238c96d0-080b-464b-9819-02649520a263; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:03:31 GMT; Path=/; Secure; SameSite=None
etag: W/"03337a047a8a14b9494f449588ef75fe1"
timing-allow-origin: *
content-encoding: gzip
GET

https://rtb.gumgum.com/usersync?b=pln&i=EWTUH4iT49ui&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usersync?b=pln&i=EWTUH4iT49ui&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:32 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
GET

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: W/"03337a047a8a14b9494f449588ef75fe1"

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:54 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_113e3891-95fe-483c-bcf7-92df15b25d19; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:03:54 GMT; Path=/; Secure; SameSite=None
etag: W/"0b237fa44c2f8443dda5f26dfb88e8709"
timing-allow-origin: *
content-encoding: gzip
GET

https://rtb.gumgum.com/usersync?b=pln&i=WUVYysfaqzTQ&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usersync?b=pln&i=WUVYysfaqzTQ&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:55 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
GET

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: W/"0b237fa44c2f8443dda5f26dfb88e8709"

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:57 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_79532521-4522-4ff1-9348-e8c7e721f1ba; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:03:57 GMT; Path=/; Secure; SameSite=None
etag: W/"02dd678657dd2c2a440256c5fc33a1f65"
timing-allow-origin: *
content-encoding: gzip
GET

https://rtb.gumgum.com/usersync?b=pln&i=2ZNkXBZZ5nIv&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usersync?b=pln&i=2ZNkXBZZ5nIv&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:58 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
GET

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

msedge.exe

Remote address:

52.215.125.147:443

Request

GET /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D HTTP/2.0
host: rtb.gumgum.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: W/"02dd678657dd2c2a440256c5fc33a1f65"

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:04:00 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_4a0498cf-19cc-4698-9841-293a6d1ce195; Domain=.gumgum.com; Expires=Fri, 14 Mar 2025 21:04:00 GMT; Path=/; Secure; SameSite=None
etag: W/"03fbfe1fa3e5738035d46c267ff07f9dd"
timing-allow-origin: *
content-encoding: gzip
DNS

token.rubiconproject.com

msedge.exe

Remote address:

8.8.8.8:53

Request

token.rubiconproject.com

IN A

Response

token.rubiconproject.com

IN CNAME

pixel.rubiconproject.net.akadns.net

pixel.rubiconproject.net.akadns.net

IN A

213.19.162.80

pixel.rubiconproject.net.akadns.net

IN A

213.19.162.90
DNS

token.rubiconproject.com

msedge.exe

Remote address:

8.8.8.8:53

Request

token.rubiconproject.com

IN A
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
GET

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

msedge.exe

Remote address:

213.19.162.80:443

Request

GET /khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1 HTTP/1.1
Host: token.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://eus.rubiconproject.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://eus.rubiconproject.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
access-control-allow-credentials: true
access-control-allow-origin: https://eus.rubiconproject.com
content-type: application/json; charset=UTF-8
content-length: 7
DNS

cs-server-s2s.yellowblue.io

msedge.exe

Remote address:

8.8.8.8:53

Request

cs-server-s2s.yellowblue.io

IN A

Response

cs-server-s2s.yellowblue.io

IN A

18.205.133.0

cs-server-s2s.yellowblue.io

IN A

54.80.115.21

cs-server-s2s.yellowblue.io

IN A

54.82.57.110

cs-server-s2s.yellowblue.io

IN A

54.84.110.184

cs-server-s2s.yellowblue.io

IN A

3.215.162.122

cs-server-s2s.yellowblue.io

IN A

3.236.2.99

cs-server-s2s.yellowblue.io

IN A

44.195.196.122

cs-server-s2s.yellowblue.io

IN A

23.23.209.154
GET

https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D

msedge.exe

Remote address:

18.205.133.0:443

Request

GET /sync-iframe?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D HTTP/2.0
host: cs-server-s2s.yellowblue.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:17 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
DNS

cdn.dxkulture.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.dxkulture.com

IN A

Response

cdn.dxkulture.com

IN CNAME

dssp-prod-cdn.nyc3.cdn.digitaloceanspaces.com

dssp-prod-cdn.nyc3.cdn.digitaloceanspaces.com

IN A

104.18.13.192

dssp-prod-cdn.nyc3.cdn.digitaloceanspaces.com

IN A

104.18.12.192
DNS

cdn.dxkulture.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.dxkulture.com

IN A

Response

cdn.dxkulture.com

IN CNAME

dssp-prod-cdn.nyc3.cdn.digitaloceanspaces.com

dssp-prod-cdn.nyc3.cdn.digitaloceanspaces.com

IN A

104.18.13.192

dssp-prod-cdn.nyc3.cdn.digitaloceanspaces.com

IN A

104.18.12.192
GET

https://cdn.dxkulture.com/x/sync.html

msedge.exe

Remote address:

104.18.13.192:443

Request

GET /x/sync.html HTTP/2.0
host: cdn.dxkulture.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:17 GMT
content-type: text/html
last-modified: Fri, 01 Mar 2024 14:33:56 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000041bb326ccaeb62e1-0065e1e75f-7a12c4e8-nyc3c
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 4cf2344c-b5f4-4372-87f8-a2f54204ed44
cache-control: max-age=3600
x-envoy-upstream-healthchecked-cluster:
cf-cache-status: HIT
age: 543
set-cookie: __cf_bm=HplJvASL6BUbM.74N8glCdqG_as3tquQoK_FXssnB1E-1710450137-1.0.1.1-YHGry1_1TlJMWhnCOWlaeeYTWM.WX7KA5v6TVqCoL47ProlZ5rVDP3YCXN_L1df0IibYqQlQAkIDRsUlnfjjEg; path=/; expires=Thu, 14-Mar-24 21:32:17 GMT; domain=.cdn.dxkulture.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 864734305fa27767-LHR
content-encoding: gzip
DNS

eb2.3lift.com

msedge.exe

Remote address:

8.8.8.8:53

Request

eb2.3lift.com

IN A

Response

eb2.3lift.com

IN CNAME

eu-eb2.3lift.com

eu-eb2.3lift.com

IN A

13.248.245.213

eu-eb2.3lift.com

IN A

76.223.111.18
DNS

eb2.3lift.com

msedge.exe

Remote address:

8.8.8.8:53

Request

eb2.3lift.com

IN A
DNS

21.4.17.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.4.17.2.in-addr.arpa

IN PTR

Response

21.4.17.2.in-addr.arpa

IN PTR

a2-17-4-21deploystaticakamaitechnologiescom
DNS

21.4.17.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.4.17.2.in-addr.arpa

IN PTR
DNS

59.39.156.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

59.39.156.108.in-addr.arpa

IN PTR

Response

59.39.156.108.in-addr.arpa

IN PTR

server-108-156-39-59lhr50r cloudfrontnet
DNS

59.39.156.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

59.39.156.108.in-addr.arpa

IN PTR
DNS

21.143.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.143.64.172.in-addr.arpa

IN PTR

Response
DNS

21.143.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.143.64.172.in-addr.arpa

IN PTR

Response
DNS

216.5.17.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

216.5.17.2.in-addr.arpa

IN PTR

Response

216.5.17.2.in-addr.arpa

IN PTR

a2-17-5-216deploystaticakamaitechnologiescom
DNS

216.5.17.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

216.5.17.2.in-addr.arpa

IN PTR

Response

216.5.17.2.in-addr.arpa

IN PTR

a2-17-5-216deploystaticakamaitechnologiescom
DNS

198.40.223.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.40.223.52.in-addr.arpa

IN PTR

Response

198.40.223.52.in-addr.arpa

IN PTR

a6370ebea231e0c9aawsglobalacceleratorcom
DNS

198.40.223.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.40.223.52.in-addr.arpa

IN PTR

Response

198.40.223.52.in-addr.arpa

IN PTR

a6370ebea231e0c9aawsglobalacceleratorcom
DNS

237.217.145.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

237.217.145.54.in-addr.arpa

IN PTR

Response

237.217.145.54.in-addr.arpa

IN PTR

ec2-54-145-217-237 compute-1 amazonawscom
DNS

237.217.145.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

237.217.145.54.in-addr.arpa

IN PTR
DNS

131.160.0.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

131.160.0.193.in-addr.arpa

IN PTR

Response
DNS

131.160.0.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

131.160.0.193.in-addr.arpa

IN PTR
DNS

91.149.214.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

91.149.214.35.in-addr.arpa

IN PTR

Response

91.149.214.35.in-addr.arpa

IN PTR

9114921435bcgoogleusercontentcom
DNS

91.149.214.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

91.149.214.35.in-addr.arpa

IN PTR
DNS

150.216.36.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

150.216.36.34.in-addr.arpa

IN PTR

Response

150.216.36.34.in-addr.arpa

IN PTR

1502163634bcgoogleusercontentcom
DNS

150.216.36.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

150.216.36.34.in-addr.arpa

IN PTR
DNS

47.153.172.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

47.153.172.18.in-addr.arpa

IN PTR

Response

47.153.172.18.in-addr.arpa

IN PTR

server-18-172-153-47lhr50r cloudfrontnet
DNS

47.153.172.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

47.153.172.18.in-addr.arpa

IN PTR
DNS

155.36.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

155.36.18.104.in-addr.arpa

IN PTR

Response
DNS

155.36.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

155.36.18.104.in-addr.arpa

IN PTR
DNS

98.86.75.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

98.86.75.51.in-addr.arpa

IN PTR

Response

98.86.75.51.in-addr.arpa

IN PTR

ip98ip-51-75-86eu
DNS

98.86.75.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

98.86.75.51.in-addr.arpa

IN PTR
DNS

170.55.17.81.in-addr.arpa

Remote address:

8.8.8.8:53

Request

170.55.17.81.in-addr.arpa

IN PTR

Response
DNS

170.55.17.81.in-addr.arpa

Remote address:

8.8.8.8:53

Request

170.55.17.81.in-addr.arpa

IN PTR
DNS

147.125.215.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

147.125.215.52.in-addr.arpa

IN PTR

Response

147.125.215.52.in-addr.arpa

IN PTR

ec2-52-215-125-147 eu-west-1compute amazonawscom
DNS

147.125.215.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

147.125.215.52.in-addr.arpa

IN PTR
DNS

190.239.215.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

190.239.215.23.in-addr.arpa

IN PTR

Response

190.239.215.23.in-addr.arpa

IN PTR

a23-215-239-190deploystaticakamaitechnologiescom
DNS

190.239.215.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

190.239.215.23.in-addr.arpa

IN PTR

Response

190.239.215.23.in-addr.arpa

IN PTR

a23-215-239-190deploystaticakamaitechnologiescom
DNS

80.162.19.213.in-addr.arpa

Remote address:

8.8.8.8:53

Request

80.162.19.213.in-addr.arpa

IN PTR

Response
DNS

80.162.19.213.in-addr.arpa

Remote address:

8.8.8.8:53

Request

80.162.19.213.in-addr.arpa

IN PTR
DNS

0.133.205.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.133.205.18.in-addr.arpa

IN PTR

Response

0.133.205.18.in-addr.arpa

IN PTR

ec2-18-205-133-0 compute-1 amazonawscom
DNS

0.133.205.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.133.205.18.in-addr.arpa

IN PTR
DNS

192.13.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

192.13.18.104.in-addr.arpa

IN PTR

Response
DNS

192.13.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

192.13.18.104.in-addr.arpa

IN PTR
DNS

cdn.connectad.io

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.connectad.io

IN A

Response

cdn.connectad.io

IN A

104.22.54.206

cdn.connectad.io

IN A

172.67.8.174

cdn.connectad.io

IN A

104.22.55.206
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:17 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=3080571749874256514247; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:17 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=3080571749874256514247; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:17 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:18 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:20 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=1203579858304577407511; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:20 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=1203579858304577407511; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:20 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:21 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=2524767278054409230332; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:21 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=2524767278054409230332; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:21 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:51 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=4087980885534280482612; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:51 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=4087980885534280482612; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:51 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:51 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:52 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=3367561962433633982476; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:52 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=3367561962433633982476; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:52 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:52 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:53 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=40640649522728294176; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:53 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=40640649522728294176; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:53 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:53 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:54 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=3977137231847594266043; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:54 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=3977137231847594266043; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:54 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:54 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:55 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=2064502042727816987197; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:55 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=2064502042727816987197; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:55 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:55 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:57 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=2439131644362800877837; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:57 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=2439131644362800877837; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:02:57 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:57 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:21 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=3534947414516262214774; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:21 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=3534947414516262214774; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:21 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:22 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:22 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=3022786470218995537855; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:22 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=3022786470218995537855; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:22 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:22 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:23 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=2041736897801605993788; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:23 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=2041736897801605993788; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:23 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:23 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:23 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=1788845106461226545013; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:23 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=1788845106461226545013; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:23 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:23 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:24 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=852157188564229398310; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:24 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=852157188564229398310; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:24 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:24 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:24 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=2766076124164385701436; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:24 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=2766076124164385701436; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:24 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:24 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:26 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=1200063530761461990260; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:26 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=1200063530761461990260; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:26 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:26 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:27 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=4155474245342022991358; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:27 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=4155474245342022991358; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:27 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:27 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:28 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=3287682871304888790922; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:28 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=3287682871304888790922; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:28 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:29 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:31 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=2382643249991820483254; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:31 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=2382643249991820483254; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:31 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:31 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:51 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=2721286440329359046776; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:51 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=2721286440329359046776; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:51 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:51 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:52 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=826247387012852201313; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:52 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=826247387012852201313; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:52 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:52 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:53 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=4324173060525151769653; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:53 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=4324173060525151769653; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:53 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:54 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:56 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=843118488277006261679; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:56 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=843118488277006261679; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:56 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:56 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:57 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=3257725795716511374409; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:57 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=3257725795716511374409; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:57 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:57 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:59 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=831268827379828123723; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:59 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=831268827379828123723; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:03:59 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:59 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:04:00 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=660387019342844020943; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:04:00 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=660387019342844020943; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:04:00 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:04:00 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:04:01 GMT
content-length: 0
location: /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID
cache-control: no-cache, no-store, must-revalidate
set-cookie: tluidp=3228848474615966148174; Path=/; Domain=.3lift.com; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:04:01 GMT; Secure; SameSite=None; Partitioned;
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
set-cookie: tluid=3228848474615966148174; Max-Age=7776000; Expires=Wed, 12 Jun 2024 21:04:01 GMT; Path=/; Domain=.3lift.com; Secure; SameSite=None
GET

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

msedge.exe

Remote address:

13.248.245.213:443

Request

GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID HTTP/2.0
host: eb2.3lift.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:04:01 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: cdn.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=3600
cf-cache-status: HIT
age: 2449
last-modified: Thu, 14 Mar 2024 20:21:29 GMT
server: cloudflare
cf-ray: 864734341cc2b926-AMS
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:19 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 86473439db6cb926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:20 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 86473444381fb926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:22 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8647344f1d50b926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:52 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8647350bb919b926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:54 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864735146ac6b926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:56 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864735250fe6b926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:57 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 86473528ebc6b926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:58 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864735310b84b926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:22 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864735c62c93b926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:23 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864735cd3ca8b926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:24 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864735cfc80cb926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:25 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864735d57f35b926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:26 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864735e01bc5b926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:27 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864735e68abeb926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:29 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864735f1bf5bb926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:31 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864735fe5841b926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:52 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864736807cbeb926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:53 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864736895f44b926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:56 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 86473696f813b926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:56 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8647369c8e74b926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:58 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864736a8fc5fb926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:59 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864736adc9a9b926-AMS
alt-svc: h3=":443"; ma=86400
GET

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

msedge.exe

Remote address:

104.22.54.206:443

Request

GET /syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D HTTP/2.0
host: sync-eu.connectad.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: cadsync

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:04:02 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
set-cookie: uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 864736bd7c57b926-AMS
alt-svc: h3=":443"; ma=86400
DNS

prebid-match.dotomi.com

msedge.exe

Remote address:

8.8.8.8:53

Request

prebid-match.dotomi.com

IN A

Response

prebid-match.dotomi.com

IN CNAME

bfp.global.dual.dotomi.weighted.com.akadns.net

bfp.global.dual.dotomi.weighted.com.akadns.net

IN A

89.207.16.204
DNS

prebid-match.dotomi.com

msedge.exe

Remote address:

8.8.8.8:53

Request

prebid-match.dotomi.com

IN A
DNS

rtb.gumgum.com

msedge.exe

Remote address:

8.8.8.8:53

Request

rtb.gumgum.com

IN A

Response

rtb.gumgum.com

IN A

52.19.81.220

rtb.gumgum.com

IN A

52.215.125.147

rtb.gumgum.com

IN A

54.220.54.244

rtb.gumgum.com

IN A

52.211.35.42

rtb.gumgum.com

IN A

34.252.204.17

rtb.gumgum.com

IN A

52.208.188.224

rtb.gumgum.com

IN A

79.125.101.2

rtb.gumgum.com

IN A

52.213.137.156
DNS

c1.adform.net

msedge.exe

Remote address:

8.8.8.8:53

Request

c1.adform.net

IN A

Response

c1.adform.net

IN CNAME

track.adformnet.akadns.net

track.adformnet.akadns.net

IN A

37.157.6.233

track.adformnet.akadns.net

IN A

37.157.6.254

track.adformnet.akadns.net

IN A

37.157.6.232

track.adformnet.akadns.net

IN A

37.157.6.237

track.adformnet.akadns.net

IN A

37.157.6.243
DNS

c1.adform.net

msedge.exe

Remote address:

8.8.8.8:53

Request

c1.adform.net

IN A
DNS

cm.g.doubleclick.net

msedge.exe

Remote address:

8.8.8.8:53

Request

cm.g.doubleclick.net

IN A

Response

cm.g.doubleclick.net

IN A

142.250.178.2
DNS

cm.g.doubleclick.net

msedge.exe

Remote address:

8.8.8.8:53

Request

cm.g.doubleclick.net

IN A
DNS

tg.socdm.com

msedge.exe

Remote address:

8.8.8.8:53

Request

tg.socdm.com

IN A

Response

tg.socdm.com

IN CNAME

tg.dr.socdm.com

tg.dr.socdm.com

IN A

124.146.153.161

tg.dr.socdm.com

IN A

124.146.153.167

tg.dr.socdm.com

IN A

211.120.53.205

tg.dr.socdm.com

IN A

211.120.53.202

tg.dr.socdm.com

IN A

124.146.153.160

tg.dr.socdm.com

IN A

124.146.153.168

tg.dr.socdm.com

IN A

211.120.53.203

tg.dr.socdm.com

IN A

124.146.153.165

tg.dr.socdm.com

IN A

211.120.53.204

tg.dr.socdm.com

IN A

124.146.153.169

tg.dr.socdm.com

IN A

211.120.53.200

tg.dr.socdm.com

IN A

124.146.153.162

tg.dr.socdm.com

IN A

124.146.153.164

tg.dr.socdm.com

IN A

124.146.153.170

tg.dr.socdm.com

IN A

124.146.153.166

tg.dr.socdm.com

IN A

211.120.53.206

tg.dr.socdm.com

IN A

124.146.153.163

tg.dr.socdm.com

IN A

211.120.53.201
DNS

tg.socdm.com

msedge.exe

Remote address:

8.8.8.8:53

Request

tg.socdm.com

IN A

Response

tg.socdm.com

IN CNAME

tg.dr.socdm.com

tg.dr.socdm.com

IN A

211.120.53.201

tg.dr.socdm.com

IN A

124.146.153.168

tg.dr.socdm.com

IN A

211.120.53.206

tg.dr.socdm.com

IN A

124.146.153.169

tg.dr.socdm.com

IN A

124.146.153.166

tg.dr.socdm.com

IN A

211.120.53.202

tg.dr.socdm.com

IN A

211.120.53.204

tg.dr.socdm.com

IN A

124.146.153.165

tg.dr.socdm.com

IN A

211.120.53.200

tg.dr.socdm.com

IN A

124.146.153.164

tg.dr.socdm.com

IN A

124.146.153.170

tg.dr.socdm.com

IN A

211.120.53.205

tg.dr.socdm.com

IN A

124.146.153.162

tg.dr.socdm.com

IN A

211.120.53.203

tg.dr.socdm.com

IN A

124.146.153.167

tg.dr.socdm.com

IN A

124.146.153.161

tg.dr.socdm.com

IN A

124.146.153.160

tg.dr.socdm.com

IN A

124.146.153.163
DNS

creativecdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

creativecdn.com

IN A

Response

creativecdn.com

IN A

185.184.8.90
DNS

creativecdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

creativecdn.com

IN A
GET

https://sync.srv.stackadapt.com/sync?nid=286

msedge.exe

Remote address:

54.145.217.237:443

Request

GET /sync?nid=286 HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.unknowncheats.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:18 GMT
Location: https://sync.go.sonobi.com/us.gif?nw=st&nuid=fHKyfRAKVDZ39DwilQps_1mVFzs
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCDay82vBjABOgSG_qDnQgQ2r_Dm.6efzBq1U%2BeVgdhpn2Jfh31T58jOPNX1THYuoKi3La%2Fc; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCDay82vBjABOgSG_qDnQgQ2r_Dm.6efzBq1U%2BeVgdhpn2Jfh31T58jOPNX1THYuoKi3La%2Fc; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 99
Connection: keep-alive
GET

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=

msedge.exe

Remote address:

54.145.217.237:443

Request

GET /sync?nid=1&gdpr=0&gdpr_consent= HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://g2.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:18 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCDay82vBjABOgSG_qDnQgRkx4P0.zM7wILxR0n96r4GQLUu7pYStFaXuJCOsxdw6ZoypJIA; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCDay82vBjABOgSG_qDnQgRkx4P0.zM7wILxR0n96r4GQLUu7pYStFaXuJCOsxdw6ZoypJIA; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
GET

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

54.145.217.237:443

Request

GET /sync?nid=1&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:20 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCDcy82vBjABOgSG_qDnQgSXcfSs.MyDBBpqFppd3DHRkhzSWpjY6%2BpS9jiXuBfy9AirJEHI; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCDcy82vBjABOgSG_qDnQgSXcfSs.MyDBBpqFppd3DHRkhzSWpjY6%2BpS9jiXuBfy9AirJEHI; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
GET

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

54.145.217.237:443

Request

GET /sync?nid=1&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:21 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCDdy82vBjABOgSG_qDnQgQ4nCnx.r9IeWyRAH1n2RJPw3bqrCDuY65zjnRD%2Fk1B87aF%2FCMY; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCDdy82vBjABOgSG_qDnQgQ4nCnx.r9IeWyRAH1n2RJPw3bqrCDuY65zjnRD%2Fk1B87aF%2FCMY; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
GET

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

54.145.217.237:443

Request

GET /sync?nid=1&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:23 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCDfy82vBjABOgSG_qDnQgRypPnH.zHHPAJd6%2BS7bX7%2Bjmw0VSkpobymdDncE6m5I%2FjukFCw; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCDfy82vBjABOgSG_qDnQgRypPnH.zHHPAJd6%2BS7bX7%2Bjmw0VSkpobymdDncE6m5I%2FjukFCw; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
DNS

pr-bh.ybp.yahoo.com

msedge.exe

Remote address:

8.8.8.8:53

Request

pr-bh.ybp.yahoo.com

IN A

Response

pr-bh.ybp.yahoo.com

IN CNAME

ds-pr-bh.ybp.gysm.yahoodns.net

ds-pr-bh.ybp.gysm.yahoodns.net

IN A

34.241.51.123

ds-pr-bh.ybp.gysm.yahoodns.net

IN A

52.215.103.37

ds-pr-bh.ybp.gysm.yahoodns.net

IN A

34.249.37.159

ds-pr-bh.ybp.gysm.yahoodns.net

IN A

108.128.78.248
DNS

us-u.openx.net

msedge.exe

Remote address:

8.8.8.8:53

Request

us-u.openx.net

IN A

Response

us-u.openx.net

IN A

35.244.159.8

us-u.openx.net

IN A

34.98.64.218
GET

https://ads.servenobid.com/sync?pid=309&uid=e_bafd225f-69ab-4af2-b288-ccd95597959c

msedge.exe

Remote address:

54.246.136.8:443

Request

GET /sync?pid=309&uid=e_bafd225f-69ab-4af2-b288-ccd95597959c HTTP/2.0
host: ads.servenobid.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:18 GMT
content-type: image/webp;charset=ISO-8859-1
content-length: 0
set-cookie: pid_309=e_bafd225f-69ab-4af2-b288-ccd95597959c; domain=servenobid.com; SameSite=None; Expires=Thu, 21 Mar 2024 21:02:18 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
GET

https://ads.servenobid.com/sync?pid=333&uid=0

msedge.exe

Remote address:

54.246.136.8:443

Request

GET /sync?pid=333&uid=0 HTTP/2.0
host: ads.servenobid.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: pid_309=e_bafd225f-69ab-4af2-b288-ccd95597959c

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:18 GMT
content-type: image/webp;charset=ISO-8859-1
content-length: 0
set-cookie: pid_333=0; domain=servenobid.com; SameSite=None; Expires=Thu, 21 Mar 2024 21:02:18 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
GET

https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=0&us_privacy=0&format=json

msedge.exe

Remote address:

54.246.136.8:443

Request

GET /getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=0&us_privacy=0&format=json HTTP/2.0
host: ads.servenobid.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://s.0cf.io
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://s.0cf.io/?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&bidid=321206534-19072067-24490-0&id=191beab17e050a2&uid=
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: pid_309=e_bafd225f-69ab-4af2-b288-ccd95597959c
cookie: pid_333=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: text/plain;charset=ISO-8859-1
content-length: 73
access-control-allow-origin: https://s.0cf.io
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
GET

https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=0&us_privacy=0&format=json

msedge.exe

Remote address:

54.246.136.8:443

Request

GET /getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=0&us_privacy=0&format=json HTTP/2.0
host: ads.servenobid.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://s.0cf.io
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: pid_309=e_bafd225f-69ab-4af2-b288-ccd95597959c
cookie: pid_333=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: text/plain;charset=ISO-8859-1
content-length: 73
access-control-allow-origin: https://s.0cf.io
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
GET

https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=0&us_privacy=0&format=json

msedge.exe

Remote address:

54.246.136.8:443

Request

GET /getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=0&us_privacy=0&format=json HTTP/2.0
host: ads.servenobid.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://s.0cf.io
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: pid_309=e_bafd225f-69ab-4af2-b288-ccd95597959c
cookie: pid_333=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: text/plain;charset=ISO-8859-1
content-length: 73
access-control-allow-origin: https://s.0cf.io
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
GET

https://ads.servenobid.com/sync?pid=369&uid=8ef2cb38-8c36-4e69-80d6-9f685d2f2d66

msedge.exe

Remote address:

54.246.136.8:443

Request

GET /sync?pid=369&uid=8ef2cb38-8c36-4e69-80d6-9f685d2f2d66 HTTP/2.0
host: ads.servenobid.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://cdn.dxkulture.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: pid_309=e_bafd225f-69ab-4af2-b288-ccd95597959c
cookie: pid_333=0

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: image/webp;charset=ISO-8859-1
content-length: 0
set-cookie: pid_369=8ef2cb38-8c36-4e69-80d6-9f685d2f2d66; domain=servenobid.com; SameSite=None; Expires=Thu, 21 Mar 2024 21:02:22 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
GET

https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

msedge.exe

Remote address:

54.246.136.8:443

Request

GET /sync?pid=327&uid=&us_privacy=1YN-&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA HTTP/2.0
host: ads.servenobid.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: pid_309=e_bafd225f-69ab-4af2-b288-ccd95597959c
cookie: pid_333=0
cookie: pid_369=8ef2cb38-8c36-4e69-80d6-9f685d2f2d66

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: image/webp;charset=ISO-8859-1
content-length: 0
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
GET

https://ads.servenobid.com/sync?pid=324&uid=5107433833055754450

msedge.exe

Remote address:

54.246.136.8:443

Request

GET /sync?pid=324&uid=5107433833055754450 HTTP/2.0
host: ads.servenobid.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: pid_309=e_bafd225f-69ab-4af2-b288-ccd95597959c
cookie: pid_333=0
cookie: pid_369=8ef2cb38-8c36-4e69-80d6-9f685d2f2d66

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: image/webp;charset=ISO-8859-1
content-length: 0
set-cookie: pid_324=5107433833055754450; domain=servenobid.com; SameSite=None; Expires=Thu, 21 Mar 2024 21:02:22 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
GET

https://ads.servenobid.com/sync?pid=353&uid=0000EEA

msedge.exe

Remote address:

54.246.136.8:443

Request

GET /sync?pid=353&uid=0000EEA HTTP/2.0
host: ads.servenobid.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: pid_309=e_bafd225f-69ab-4af2-b288-ccd95597959c
cookie: pid_333=0
cookie: pid_369=8ef2cb38-8c36-4e69-80d6-9f685d2f2d66

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: image/webp;charset=ISO-8859-1
content-length: 0
set-cookie: pid_353=0000EEA; domain=servenobid.com; SameSite=None; Expires=Thu, 21 Mar 2024 21:02:22 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
GET

https://ads.servenobid.com/sync?pid=312&uid=0

msedge.exe

Remote address:

54.246.136.8:443

Request

GET /sync?pid=312&uid=0 HTTP/2.0
host: ads.servenobid.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: pid_309=e_bafd225f-69ab-4af2-b288-ccd95597959c
cookie: pid_333=0
cookie: pid_369=8ef2cb38-8c36-4e69-80d6-9f685d2f2d66

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: image/webp;charset=ISO-8859-1
content-length: 0
set-cookie: pid_312=0; domain=servenobid.com; SameSite=None; Expires=Thu, 21 Mar 2024 21:02:22 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
GET

https://ads.servenobid.com/sync?pid=321&uid=OPTOUT

msedge.exe

Remote address:

54.246.136.8:443

Request

GET /sync?pid=321&uid=OPTOUT HTTP/2.0
host: ads.servenobid.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: pid_309=e_bafd225f-69ab-4af2-b288-ccd95597959c
cookie: pid_333=0
cookie: pid_369=8ef2cb38-8c36-4e69-80d6-9f685d2f2d66

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: image/webp;charset=ISO-8859-1
content-length: 0
set-cookie: pid_321=OPTOUT; domain=servenobid.com; SameSite=None; Expires=Thu, 21 Mar 2024 21:02:22 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
DNS

bh.contextweb.com

msedge.exe

Remote address:

8.8.8.8:53

Request

bh.contextweb.com

IN A

Response

bh.contextweb.com

IN CNAME

am1-bh.contextweb.com

am1-bh.contextweb.com

IN CNAME

am1-direct-bgp.contextweb.com

am1-direct-bgp.contextweb.com

IN A

208.93.169.131
DNS

sync.ipredictive.com

msedge.exe

Remote address:

8.8.8.8:53

Request

sync.ipredictive.com

IN A

Response

sync.ipredictive.com

IN A

52.71.44.145

sync.ipredictive.com

IN A

54.158.243.155

sync.ipredictive.com

IN A

52.70.187.13

sync.ipredictive.com

IN A

54.159.66.10

sync.ipredictive.com

IN A

52.44.255.182

sync.ipredictive.com

IN A

54.158.64.147

sync.ipredictive.com

IN A

52.87.49.60

sync.ipredictive.com

IN A

54.144.94.27
DNS

match.deepintent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

match.deepintent.com

IN A

Response

match.deepintent.com

IN CNAME

m.deepintent.com

m.deepintent.com

IN A

169.197.150.8

m.deepintent.com

IN A

8.18.47.7

m.deepintent.com

IN A

169.197.150.7

m.deepintent.com

IN A

38.91.45.7
DNS

b1sync.zemanta.com

msedge.exe

Remote address:

8.8.8.8:53

Request

b1sync.zemanta.com

IN A

Response

b1sync.zemanta.com

IN CNAME

b1-use1.zemanta.com

b1-use1.zemanta.com

IN CNAME

zemanta-nychi2.outbrain.org

zemanta-nychi2.outbrain.org

IN CNAME

chidc2.outbrain.org

chidc2.outbrain.org

IN A

50.31.142.95
DNS

b1sync.zemanta.com

msedge.exe

Remote address:

8.8.8.8:53

Request

b1sync.zemanta.com

IN A

Response

b1sync.zemanta.com

IN CNAME

b1-use1.zemanta.com

b1-use1.zemanta.com

IN CNAME

zemanta-nychi2.outbrain.org

zemanta-nychi2.outbrain.org

IN CNAME

chidc2.outbrain.org

chidc2.outbrain.org

IN A

64.74.236.159
GET

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=

msedge.exe

Remote address:

34.241.51.123:443

Request

GET /sync/gumgum?gdpr=0&gdpr_consent= HTTP/2.0
host: pr-bh.ybp.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:18 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
GET

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.241.51.123:443

Request

GET /sync/gumgum?gdpr=0&gdpr_consent=0 HTTP/2.0
host: pr-bh.ybp.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
GET

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.241.51.123:443

Request

GET /sync/gumgum?gdpr=0&gdpr_consent=0 HTTP/2.0
host: pr-bh.ybp.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
GET

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.241.51.123:443

Request

GET /sync/gumgum?gdpr=0&gdpr_consent=0 HTTP/2.0
host: pr-bh.ybp.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:23 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
GET

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.241.51.123:443

Request

GET /sync/gumgum?gdpr=0&gdpr_consent=0 HTTP/2.0
host: pr-bh.ybp.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:55 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
GET

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.241.51.123:443

Request

GET /sync/gumgum?gdpr=0&gdpr_consent=0 HTTP/2.0
host: pr-bh.ybp.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:56 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
GET

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.241.51.123:443

Request

GET /sync/gumgum?gdpr=0&gdpr_consent=0 HTTP/2.0
host: pr-bh.ybp.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:57 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
GET

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.241.51.123:443

Request

GET /sync/gumgum?gdpr=0&gdpr_consent=0 HTTP/2.0
host: pr-bh.ybp.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:58 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
GET

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.241.51.123:443

Request

GET /sync/gumgum?gdpr=0&gdpr_consent=0 HTTP/2.0
host: pr-bh.ybp.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:23 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
GET

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.241.51.123:443

Request

GET /sync/gumgum?gdpr=0&gdpr_consent=0 HTTP/2.0
host: pr-bh.ybp.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:25 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
GET

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.241.51.123:443

Request

GET /sync/gumgum?gdpr=0&gdpr_consent=0 HTTP/2.0
host: pr-bh.ybp.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:25 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
GET

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.241.51.123:443

Request

GET /sync/gumgum?gdpr=0&gdpr_consent=0 HTTP/2.0
host: pr-bh.ybp.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:29 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
GET

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.241.51.123:443

Request

GET /sync/gumgum?gdpr=0&gdpr_consent=0 HTTP/2.0
host: pr-bh.ybp.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:32 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
GET

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.241.51.123:443

Request

GET /sync/gumgum?gdpr=0&gdpr_consent=0 HTTP/2.0
host: pr-bh.ybp.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:55 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
GET

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.241.51.123:443

Request

GET /sync/gumgum?gdpr=0&gdpr_consent=0 HTTP/2.0
host: pr-bh.ybp.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:58 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
GET

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D

msedge.exe

Remote address:

35.244.159.8:443

Request

GET /w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP/2.0
host: us-u.openx.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

sync.go.sonobi.com

msedge.exe

Remote address:

8.8.8.8:53

Request

sync.go.sonobi.com

IN A

Response

sync.go.sonobi.com

IN CNAME

iad-2-sync.go.sonobi.com

iad-2-sync.go.sonobi.com

IN A

69.166.1.34

iad-2-sync.go.sonobi.com

IN A

69.166.1.67

iad-2-sync.go.sonobi.com

IN A

69.166.1.66

iad-2-sync.go.sonobi.com

IN A

69.166.1.35
DNS

sync.go.sonobi.com

msedge.exe

Remote address:

8.8.8.8:53

Request

sync.go.sonobi.com

IN A
GET

https://tg.socdm.com/aux/idsync?proto=gumgum

msedge.exe

Remote address:

124.146.153.161:443

Request

GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Thu, 14 Mar 2024 21:02:54 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZfNl-sCo8YsAALcG.k0AAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 3
X-SO-HostName: m-ad276.dc4p.scaleout.jp
X-SO-LB-Hostname: m-tgng39.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZfNl-sCo8YsAALcG.k0AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad276"}
X-SO-Key: ZfNl-sCo8YsAALcG.k0AAAAA
X-SO-IP: 89.149.23.59
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: m-ad276
GET

https://tg.socdm.com/aux/idsync?proto=gumgum

msedge.exe

Remote address:

124.146.153.161:443

Request

GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Thu, 14 Mar 2024 21:02:56 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZfNmAMCo8YsAALcG.vEAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: m-ad396.dc4p.scaleout.jp
X-SO-LB-Hostname: m-tgng39.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZfNmAMCo8YsAALcG.vEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad396"}
X-SO-Key: ZfNmAMCo8YsAALcG.vEAAAAA
X-SO-IP: 89.149.23.59
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: m-ad396
GET

https://tg.socdm.com/aux/idsync?proto=gumgum

msedge.exe

Remote address:

124.146.153.161:443

Request

GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Thu, 14 Mar 2024 21:02:57 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZfNmAcCo8YsAALcG.zcAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: a-ad40334.dc2p.scaleout.jp
X-SO-LB-Hostname: m-tgng39.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZfNmAcCo8YsAALcG.zcAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40334"}
X-SO-Key: ZfNmAcCo8YsAALcG.zcAAAAA
X-SO-IP: 89.149.23.59
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: a-ad40334
GET

https://tg.socdm.com/aux/idsync?proto=gumgum

msedge.exe

Remote address:

124.146.153.161:443

Request

GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Thu, 14 Mar 2024 21:02:59 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZfNmA8Co8YsAALcG..oAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 3
X-SO-HostName: m-ad314.dc4p.scaleout.jp
X-SO-LB-Hostname: m-tgng39.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZfNmA8Co8YsAALcG..oAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad314"}
X-SO-Key: ZfNmA8Co8YsAALcG..oAAAAA
X-SO-IP: 89.149.23.59
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: m-ad314
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-kc6cc
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=DBMDuObcjk7S&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=42b9ac66e10c2cbf; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-g47ql
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=21&uid=J9wjqgakOMjU&ev=1&pid=561205
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=464b58aa151d3db0; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-bmvbl
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=8otcXvUY5kcY&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=48e7372bb079d18b; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-2rtlk
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=21&uid=vQT3dzCcBSuq&ev=1&pid=561205
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=79c9d3632865f282; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-kbzds
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=YhKT4jHOYqxa&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=d6b42e6012428fd7; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-kc6cc
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=21&uid=pjL3fywZ8VzN&ev=1&pid=561205
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=42b9ac66e10c2cbf; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-kc6cc
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=F1Z5hkyNbVFL&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=42b9ac66e10c2cbf; path=/; HttpOnly; Secure; SameSite=None
GET

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iYWZkMjI1Zi02OWFiLTRhZjItYjI4OC1jY2Q5NTU5Nzk1OWM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

msedge.exe

Remote address:

142.250.178.2:443

Request

GET /pixel?google_nid=gumgum_dbm&google_hm=ZV9iYWZkMjI1Zi02OWFiLTRhZjItYjI4OC1jY2Q5NTU5Nzk1OWM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv HTTP/2.0
host: cm.g.doubleclick.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP/2.0
host: c1.adform.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx
date: Thu, 14 Mar 2024 21:02:18 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 14 Apr 2024 21:02:18 GMT; domain=adform.net; path=/; secure; samesite=none
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP/2.0
host: c1.adform.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 14 Mar 2024 21:02:18 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx
date: Thu, 14 Mar 2024 21:02:19 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 14 Apr 2024 21:02:19 GMT; domain=adform.net; path=/; secure; samesite=none
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 14 Mar 2024 21:02:19 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx
date: Thu, 14 Mar 2024 21:02:20 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 14 Apr 2024 21:02:20 GMT; domain=adform.net; path=/; secure; samesite=none
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx
date: Thu, 14 Mar 2024 21:02:22 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 14 Apr 2024 21:02:22 GMT; domain=adform.net; path=/; secure; samesite=none
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 14 Mar 2024 21:02:23 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx
date: Thu, 14 Mar 2024 21:02:54 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 14 Apr 2024 21:02:54 GMT; domain=adform.net; path=/; secure; samesite=none
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 14 Mar 2024 21:02:55 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx
date: Thu, 14 Mar 2024 21:02:56 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 14 Apr 2024 21:02:56 GMT; domain=adform.net; path=/; secure; samesite=none
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 14 Mar 2024 21:02:56 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx
date: Thu, 14 Mar 2024 21:02:57 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 14 Apr 2024 21:02:57 GMT; domain=adform.net; path=/; secure; samesite=none
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 14 Mar 2024 21:02:57 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx
date: Thu, 14 Mar 2024 21:02:58 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 14 Apr 2024 21:02:58 GMT; domain=adform.net; path=/; secure; samesite=none
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 14 Mar 2024 21:02:58 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx
date: Thu, 14 Mar 2024 21:03:23 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 14 Apr 2024 21:03:23 GMT; domain=adform.net; path=/; secure; samesite=none
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 14 Mar 2024 21:03:23 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx
date: Thu, 14 Mar 2024 21:03:25 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 14 Apr 2024 21:03:25 GMT; domain=adform.net; path=/; secure; samesite=none
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 14 Mar 2024 21:03:25 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx
date: Thu, 14 Mar 2024 21:03:25 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 14 Apr 2024 21:03:25 GMT; domain=adform.net; path=/; secure; samesite=none
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 14 Mar 2024 21:03:25 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx
date: Thu, 14 Mar 2024 21:03:29 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 14 Apr 2024 21:03:29 GMT; domain=adform.net; path=/; secure; samesite=none
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 14 Mar 2024 21:03:29 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx
date: Thu, 14 Mar 2024 21:03:31 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 14 Apr 2024 21:03:31 GMT; domain=adform.net; path=/; secure; samesite=none
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 14 Mar 2024 21:03:31 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx
date: Thu, 14 Mar 2024 21:03:55 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 14 Apr 2024 21:03:55 GMT; domain=adform.net; path=/; secure; samesite=none
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 14 Mar 2024 21:03:55 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx
date: Thu, 14 Mar 2024 21:03:57 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Sun, 14 Apr 2024 21:03:57 GMT; domain=adform.net; path=/; secure; samesite=none
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

37.157.6.233:443

Request

GET /serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0 HTTP/2.0
host: c1.adform.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 14 Mar 2024 21:03:57 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:02:18 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:02:20 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:02:21 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:02:51 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:02:52 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:02:53 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:02:54 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:02:55 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:02:57 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:21 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:22 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:22 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:23 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:24 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:24 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:26 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:27 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:28 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:31 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:51 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:52 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:54 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:56 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:57 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:03:59 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:04:00 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

msedge.exe

Remote address:

89.207.16.204:443

Request

GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D HTTP/2.0
host: prebid-match.dotomi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

server: nginx
date: Thu, 14 Mar 2024 21:04:01 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
GET

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_bafd225f-69ab-4af2-b288-ccd95597959c&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

msedge.exe

Remote address:

50.31.142.95:443

Request

GET /usersync/gumgum/?puid=e_bafd225f-69ab-4af2-b288-ccd95597959c&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://g2.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Content-Length: 218
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: /usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_bafd225f-69ab-4af2-b288-ccd95597959c&s=2&us_privacy=1---
P3p: CP="We do not support P3P header."
Pragma: no-cache
Set-Cookie: zuid=qkh52qBk8UPDQ9I0Bp0T; Path=/; Domain=zemanta.com; Expires=Fri, 14 Mar 2025 21:02:18 GMT; Max-Age=31536000; Secure; SameSite=None
Date: Thu, 14 Mar 2024 21:02:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_bafd225f-69ab-4af2-b288-ccd95597959c&s=2&us_privacy=1---

msedge.exe

Remote address:

50.31.142.95:443

Request

GET /usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_bafd225f-69ab-4af2-b288-ccd95597959c&s=2&us_privacy=1--- HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://g2.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/gif
Content-Length: 26
P3p: CP="We do not support P3P header."
Set-Cookie: zuid=WZIc7hRnmai_DcxE1cAm; Path=/; Domain=zemanta.com; Expires=Fri, 14 Mar 2025 21:02:19 GMT; Max-Age=31536000; Secure; SameSite=None
Date: Thu, 14 Mar 2024 21:02:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_42b4f343-c748-4a1c-af2d-c580b1cb3a8b&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

msedge.exe

Remote address:

50.31.142.95:443

Request

GET /usersync/gumgum/?puid=e_42b4f343-c748-4a1c-af2d-c580b1cb3a8b&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Content-Length: 102
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Thu, 14 Mar 2024 21:02:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9325befe-7c61-44f2-a2c3-d8e0df605064&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

msedge.exe

Remote address:

50.31.142.95:443

Request

GET /usersync/gumgum/?puid=e_9325befe-7c61-44f2-a2c3-d8e0df605064&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Content-Length: 102
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Thu, 14 Mar 2024 21:02:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_b14c2044-9b0e-47c5-a311-93f487bb056b&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

msedge.exe

Remote address:

50.31.142.95:443

Request

GET /usersync/gumgum/?puid=e_b14c2044-9b0e-47c5-a311-93f487bb056b&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Content-Length: 102
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Thu, 14 Mar 2024 21:02:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://tg.socdm.com/aux/idsync?proto=gumgum

msedge.exe

Remote address:

124.146.153.161:443

Request

GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://g2.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Thu, 14 Mar 2024 21:02:19 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZfNl28Co8YIAAOd4Do0AAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: m-ad153.dc4p.scaleout.jp
X-SO-LB-Hostname: m-tgng30.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZfNl28Co8YIAAOd4Do0AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad153"}
X-SO-Key: ZfNl28Co8YIAAOd4Do0AAAAA
X-SO-IP: 89.149.23.59
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: m-ad153
GET

https://tg.socdm.com/aux/idsync?proto=gumgum

msedge.exe

Remote address:

124.146.153.161:443

Request

GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Thu, 14 Mar 2024 21:02:22 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZfNl3sCo8YIAAOd4D94AAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 1
X-SO-HostName: a-ad40093.dc2p.scaleout.jp
X-SO-LB-Hostname: m-tgng30.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZfNl3sCo8YIAAOd4D94AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40093"}
X-SO-Key: ZfNl3sCo8YIAAOd4D94AAAAA
X-SO-IP: 89.149.23.59
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: a-ad40093
GET

https://tg.socdm.com/aux/idsync?proto=gumgum

msedge.exe

Remote address:

124.146.153.161:443

Request

GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Thu, 14 Mar 2024 21:02:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZfNl38Co8YIAAOd4D-wAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 3
X-SO-HostName: a-ad40109.dc2p.scaleout.jp
X-SO-LB-Hostname: m-tgng30.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZfNl38Co8YIAAOd4D-wAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40109"}
X-SO-Key: ZfNl38Co8YIAAOd4D-wAAAAA
X-SO-IP: 89.149.23.59
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: a-ad40109
GET

https://tg.socdm.com/aux/idsync?proto=gumgum

msedge.exe

Remote address:

124.146.153.161:443

Request

GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Thu, 14 Mar 2024 21:02:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZfNl38Co8YIAAOd4EBsAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: a-ad40278.dc2p.scaleout.jp
X-SO-LB-Hostname: m-tgng30.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZfNl38Co8YIAAOd4EBsAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40278"}
X-SO-Key: ZfNl38Co8YIAAOd4EBsAAAAA
X-SO-IP: 89.149.23.59
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: a-ad40278
GET

https://creativecdn.com/cm-notify?pi=gumgum

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:18 GMT
vary: Accept-Encoding
set-cookie: g=psZcGHVZV5sPgJ5Ri8Lx_1710450138319;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:18 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1710450138;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:18 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:18 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum&tc=1 HTTP/2.0
host: creativecdn.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:18 GMT
vary: Accept-Encoding
content-type: image/gif
content-length: 42
GET

https://creativecdn.com/cm-notify?pi=gumgum

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:19 GMT
vary: Accept-Encoding
set-cookie: g=TzxtqS4RggszHOqdzO1a_1710450139446;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:19 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1710450139;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:19 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:19 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum&tc=1 HTTP/2.0
host: creativecdn.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:19 GMT
vary: Accept-Encoding
content-type: image/gif
content-length: 42
GET

https://creativecdn.com/cm-notify?pi=gumgum

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:21 GMT
vary: Accept-Encoding
set-cookie: g=sNrCBxdIZZUOtCiuafvp_1710450141042;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:21 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1710450141;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:21 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:21 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum&tc=1 HTTP/2.0
host: creativecdn.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:21 GMT
vary: Accept-Encoding
content-type: image/gif
content-length: 42
GET

https://creativecdn.com/cm-notify?pi=gumgum

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:23 GMT
vary: Accept-Encoding
set-cookie: g=jqh4TTv1A2iJNQYu9A3v_1710450143072;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:23 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1710450143;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:23 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:23 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum&tc=1 HTTP/2.0
host: creativecdn.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:23 GMT
vary: Accept-Encoding
content-type: image/gif
content-length: 42
GET

https://creativecdn.com/cm-notify?pi=gumgum

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:54 GMT
vary: Accept-Encoding
set-cookie: g=d5xokKGdTYy7w5kCzqdb_1710450174619;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:54 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1710450174;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:54 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:54 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum&tc=1 HTTP/2.0
host: creativecdn.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:55 GMT
vary: Accept-Encoding
content-type: image/gif
content-length: 42
GET

https://creativecdn.com/cm-notify?pi=gumgum

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:56 GMT
vary: Accept-Encoding
set-cookie: g=hmGaOWidggqcW9htXhqL_1710450176366;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:56 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1710450176;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:56 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:56 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum&tc=1 HTTP/2.0
host: creativecdn.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:56 GMT
vary: Accept-Encoding
content-type: image/gif
content-length: 42
GET

https://creativecdn.com/cm-notify?pi=gumgum

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:57 GMT
vary: Accept-Encoding
set-cookie: g=Y4tlbnFWSWbcMoNxzO9I_1710450177230;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:57 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1710450177;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:57 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:57 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum&tc=1 HTTP/2.0
host: creativecdn.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:57 GMT
vary: Accept-Encoding
content-type: image/gif
content-length: 42
GET

https://creativecdn.com/cm-notify?pi=gumgum

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:58 GMT
vary: Accept-Encoding
set-cookie: g=EL8Okre97Ft5EtXPFvYx_1710450178845;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:58 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1710450178;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:02:58 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:58 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum&tc=1 HTTP/2.0
host: creativecdn.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:58 GMT
vary: Accept-Encoding
content-type: image/gif
content-length: 42
GET

https://creativecdn.com/cm-notify?pi=gumgum

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:23 GMT
vary: Accept-Encoding
set-cookie: g=KMm1fmPo2p9gpCLCKKXL_1710450203159;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:03:23 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1710450203;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:03:23 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Thu, 14 Mar 2024 21:03:23 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum&tc=1 HTTP/2.0
host: creativecdn.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:23 GMT
vary: Accept-Encoding
content-type: image/gif
content-length: 42
GET

https://creativecdn.com/cm-notify?pi=gumgum

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:25 GMT
vary: Accept-Encoding
set-cookie: g=30KaAdNV6bt8U0OQqR1z_1710450205208;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:03:25 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1710450205;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:03:25 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Thu, 14 Mar 2024 21:03:25 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum&tc=1 HTTP/2.0
host: creativecdn.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:25 GMT
vary: Accept-Encoding
content-type: image/gif
content-length: 42
GET

https://creativecdn.com/cm-notify?pi=gumgum

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:25 GMT
vary: Accept-Encoding
set-cookie: g=MSU50MlxP0rIDs3F6PFO_1710450205428;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:03:25 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1710450205;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:03:25 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Thu, 14 Mar 2024 21:03:25 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum&tc=1 HTTP/2.0
host: creativecdn.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:25 GMT
vary: Accept-Encoding
content-type: image/gif
content-length: 42
GET

https://creativecdn.com/cm-notify?pi=gumgum

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:29 GMT
vary: Accept-Encoding
set-cookie: g=nsmJpJ3zgSQLAxmzEJ3u_1710450209182;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:03:29 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1710450209;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:03:29 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Thu, 14 Mar 2024 21:03:29 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum&tc=1 HTTP/2.0
host: creativecdn.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:29 GMT
vary: Accept-Encoding
content-type: image/gif
content-length: 42
GET

https://creativecdn.com/cm-notify?pi=gumgum

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:32 GMT
vary: Accept-Encoding
set-cookie: g=DG0Gw7TaiLmRVYB2s5qJ_1710450212025;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:03:32 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1710450212;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:03:32 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Thu, 14 Mar 2024 21:03:32 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum&tc=1 HTTP/2.0
host: creativecdn.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:32 GMT
vary: Accept-Encoding
content-type: image/gif
content-length: 42
GET

https://creativecdn.com/cm-notify?pi=gumgum

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:55 GMT
vary: Accept-Encoding
set-cookie: g=VnFHft7Yf8h38o2IblUJ_1710450235786;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:03:55 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1710450235;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:03:55 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Thu, 14 Mar 2024 21:03:55 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum&tc=1 HTTP/2.0
host: creativecdn.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:55 GMT
vary: Accept-Encoding
content-type: image/gif
content-length: 42
GET

https://creativecdn.com/cm-notify?pi=gumgum

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:58 GMT
vary: Accept-Encoding
set-cookie: g=kgzeeGuk4JgHO17FHOfB_1710450238153;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:03:58 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1710450238;Path=/;Domain=.creativecdn.com;Expires=Fri, 14-Mar-2025 21:03:58 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Thu, 14 Mar 2024 21:03:58 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

msedge.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=gumgum&tc=1 HTTP/2.0
host: creativecdn.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:58 GMT
vary: Accept-Encoding
content-type: image/gif
content-length: 42
GET

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:18 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
an-x-request-uuid: 4b5e3c5a-f630-40bc-9ad1-a42a3eda7635
set-cookie: XANDR_PANID=jhlXVirZd11Xyqj1S4SyiuI_ynQZoeotOI4Sjmrs3JXfiZXR8kSnCitfurSpD-FHDTds0CowXWujcgYNbJVDtqhF_tijYu3iUqoqERzYDLY.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:18 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:18 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=2790140076719582252; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:18 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:18 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://usersync.gumgum.com/usersync?b=apn&i=0
an-x-request-uuid: 9ea0e77c-f9be-4266-a700-462c98547ccd
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:18 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP/2.0
host: ib.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:19 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
an-x-request-uuid: e08a8471-8f83-49fe-ac09-b0812e67b4fd
set-cookie: XANDR_PANID=FB7jZHavz7Z668uZfwk_ZtyAoVSppu2GL7ugwb0uaCrNdgzQmp9X-4Yqss_YBDeWirsS3vvyq7i0R51hqVGdNEhgGUjDmOsFSR6jClQt2M0.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:19 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:19 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=2763814390155588377; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:19 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /getuid?https://ib.adnxs.com/getuidj HTTP/2.0
host: ib.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://s.0cf.io
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://s.0cf.io/?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&bidid=321206534-19072067-24490-0&id=191beab17e050a2&uid=
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:19 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fib.adnxs.com%2Fgetuidj
an-x-request-uuid: 575483df-fb19-4e73-b320-ea9e81c9a8ae
set-cookie: XANDR_PANID=tAqjtl-kVEBW-YxyRl-T4nystwzSvaRllK04FN21ZJbgQXjHzELx1ojhJtJQn455gNnnWiIPQJWCGr9Atijsjv5_PWDgrDCUa_3co6dykOo.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:19 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:19 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=4330432681988723971; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:19 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fib.adnxs.com%2Fgetuidj

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fib.adnxs.com%2Fgetuidj HTTP/2.0
host: ib.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://s.0cf.io
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://s.0cf.io/?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&bidid=321206534-19072067-24490-0&id=191beab17e050a2&uid=
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fib.adnxs.com%2Fgetuidj
an-x-request-uuid: 55fbed63-4816-4a1a-b9a7-00ef554160c6
set-cookie: XANDR_PANID=QTA3TGkzRJJeY0x8LLlAiBJDcOsutQ5rJKAeZV2Lf2jaqXzv9vhgBqKQPYKeEjIIazmyW-JxO6NZk_JokR_zd4xYPIU1a57kmfg0N3tbRYE.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:20 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:20 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=3459971846139933681; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:20 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
an-x-request-uuid: a3886012-36fe-4dd1-b202-e48a2385480e
set-cookie: XANDR_PANID=HohM1A_iICGjrThLlnw28AGlUJgDI6XWxlFRiXFnGY1IilZ-Zvb8S51ydy7C9Q0S3x_Sm02KxIl9d4gi89eeOo7_TDwPi-slBZA_Qy5V8IU.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:20 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:20 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=5097333274229491212; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:20 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /getuid?https://ib.adnxs.com/getuidj HTTP/2.0
host: ib.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://s.0cf.io
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://usersync.gumgum.com/usersync?b=apn&i=0
an-x-request-uuid: e409363b-e068-462d-9983-140525e7ce73
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:20 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://ib.adnxs.com/getuidj
an-x-request-uuid: 2857d3ef-ab8a-47d6-a023-52206b273b2f
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:20 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fib.adnxs.com%2Fgetuidj

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fib.adnxs.com%2Fgetuidj HTTP/2.0
host: ib.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://s.0cf.io
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://ib.adnxs.com/getuidj
an-x-request-uuid: f0a2b505-cf3f-4751-8bee-3fc73aba8795
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:20 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://ib.adnxs.com/getuidj

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /getuidj HTTP/2.0
host: ib.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://s.0cf.io
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://s.0cf.io/?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&bidid=321206534-19072067-24490-0&id=191beab17e050a2&uid=
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: application/json; charset=utf-8
content-length: 11
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid: a1cc17e7-43c8-418a-81e1-f413a538ecae
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:20 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://ib.adnxs.com/getuidj

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /getuidj HTTP/2.0
host: ib.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://s.0cf.io
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:21 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
an-x-request-uuid: b64a14fb-d989-4845-9c75-8d65580c6db2
set-cookie: XANDR_PANID=qBM4Ws7KVRpHK9vWvzls6aL6i3fLjbCVusKxRTHNwzAxSWprFzpQ9ddP2o5BZhZYaFl8kjxDAuHnqVL2wbPqN2xiuujdi06Hkj8VmgBgY5Y.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:21 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:21 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=3560992772453098477; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:21 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:21 GMT
content-type: application/json; charset=utf-8
content-length: 11
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid: 15567b52-a08d-41f6-8f90-a8ebc69f7dae
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:21 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /getuid?https://ib.adnxs.com/getuidj HTTP/2.0
host: ib.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://s.0cf.io
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://usersync.gumgum.com/usersync?b=apn&i=0
an-x-request-uuid: 5d532464-f53c-40c4-8c47-24e93e09f9a5
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:22 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fib.adnxs.com%2Fgetuidj
an-x-request-uuid: 50b345ad-7a8e-4a3d-9044-4bab07729ed4
set-cookie: XANDR_PANID=dHDZQX6bWWM6ICC7ju-6_tpJs4tPxLju7Jxa0OcxD_x7d1G8ADhAnFjCDIqEcYK1Ld4rwKXr2PwTJS7feVe8MePkf0b-ASdLTHYGutV9CeU.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:22 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:22 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=954470252951615472; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:22 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP/2.0
host: ib.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://ads.servenobid.com/sync?pid=312&uid=0
an-x-request-uuid: 2719e475-356f-4875-add2-cde0fffd9915
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:22 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fib.adnxs.com%2Fgetuidj

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fib.adnxs.com%2Fgetuidj HTTP/2.0
host: ib.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://s.0cf.io
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://ib.adnxs.com/getuidj
an-x-request-uuid: aa693560-0534-42f7-9897-85194f85e742
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:22 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://ib.adnxs.com/getuidj

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /getuidj HTTP/2.0
host: ib.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://s.0cf.io
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: application/json; charset=utf-8
content-length: 11
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid: 2b2be6f1-deee-4b0d-8587-824c4b944a41
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:22 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:23 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
an-x-request-uuid: 1e15d242-2f94-4480-9263-f868f3d26ed4
set-cookie: XANDR_PANID=VfwbV3WulVKZpw8xDsuWEUKfsN9jvNflwrBB2lwzYpPkqvor8xLe7P_D5bHEurQ1lvo8LDDFn-8sviDB5BYDGVdTJF4zOlt5C1hpBMUjS80.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:23 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:23 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=6256612383898764214; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:02:23 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

msedge.exe

Remote address:

185.89.211.84:443

Request

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:02:23 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://usersync.gumgum.com/usersync?b=apn&i=0
an-x-request-uuid: 87c7fc0a-157b-4c07-8e72-e8e35dd14fd9
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:02:23 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
DNS

usersync.gumgum.com

msedge.exe

Remote address:

8.8.8.8:53

Request

usersync.gumgum.com

IN A

Response

usersync.gumgum.com

IN A

52.210.15.1

usersync.gumgum.com

IN A

34.247.233.198

usersync.gumgum.com

IN A

34.247.205.196
DNS

usersync.gumgum.com

msedge.exe

Remote address:

8.8.8.8:53

Request

usersync.gumgum.com

IN A
GET

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

msedge.exe

Remote address:

52.71.44.145:443

Request

GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://g2.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:18 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=66d637b9-bbf9-49b4-abb5-0b3ceaefdf36
Set-Cookie: cu=66d637b9-bbf9-49b4-abb5-0b3ceaefdf36|1710450138656; Path=/; Domain=ipredictive.com; Expires=Fri, 14 Mar 2025 21:02:18 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: df6c6ca2-4e3e-425e-baf4-21a98fe8c148
Content-Length: 108
Connection: keep-alive
GET

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

msedge.exe

Remote address:

52.71.44.145:443

Request

GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:20 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=11fe93da-6baf-4a17-811d-28b12186d02c
Set-Cookie: cu=11fe93da-6baf-4a17-811d-28b12186d02c|1710450140132; Path=/; Domain=ipredictive.com; Expires=Fri, 14 Mar 2025 21:02:20 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: 154fa401-d8c7-47b3-9b87-2b15e6c5a691
Content-Length: 108
Connection: keep-alive
GET

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

msedge.exe

Remote address:

52.71.44.145:443

Request

GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:21 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=0527c9e9-0001-4e92-b25a-2636167fd3c1
Set-Cookie: cu=0527c9e9-0001-4e92-b25a-2636167fd3c1|1710450141581; Path=/; Domain=ipredictive.com; Expires=Fri, 14 Mar 2025 21:02:21 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: e700d860-8502-4264-aadd-4f83b9b89b1e
Content-Length: 108
Connection: keep-alive
GET

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

msedge.exe

Remote address:

52.71.44.145:443

Request

GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:23 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=eb79bc10-a9ac-4daf-af96-5ff1796862b7
Set-Cookie: cu=eb79bc10-a9ac-4daf-af96-5ff1796862b7|1710450143190; Path=/; Domain=ipredictive.com; Expires=Fri, 14 Mar 2025 21:02:23 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: 81cecd7b-ac5a-42e0-b3c3-e68bf29c2487
Content-Length: 108
Connection: keep-alive
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:02:18 GMT
server: c
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:02:19 GMT
server: c
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:02:21 GMT
server: c
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:02:22 GMT
server: c
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=zem&i=&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:20 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=vnt&i=11fe93da-6baf-4a17-811d-28b12186d02c

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=vnt&i=11fe93da-6baf-4a17-811d-28b12186d02c HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:20 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=opx&i=a6a8c80d-a804-4dba-8189-5ffe749d0461&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=opx&i=a6a8c80d-a804-4dba-8189-5ffe749d0461&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:20 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:21 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sad&i=1847014831823629830

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sad&i=1847014831823629830 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:22 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:23 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=opx&i=3a4265e0-6486-4195-9a3a-faf652bec80d&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=opx&i=3a4265e0-6486-4195-9a3a-faf652bec80d&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:23 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
DNS

ssum.casalemedia.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ssum.casalemedia.com

IN A

Response

ssum.casalemedia.com

IN A

172.64.151.101

ssum.casalemedia.com

IN A

104.18.36.155
DNS

ssum.casalemedia.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ssum.casalemedia.com

IN A
DNS

rtb.openx.net

msedge.exe

Remote address:

8.8.8.8:53

Request

rtb.openx.net

IN A

Response

rtb.openx.net

IN A

35.186.253.211

rtb.openx.net

IN A

35.227.252.103
DNS

rtb.openx.net

msedge.exe

Remote address:

8.8.8.8:53

Request

rtb.openx.net

IN A
DNS

ap.lijit.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ap.lijit.com

IN A

Response

ap.lijit.com

IN CNAME

vap.lijit.com

vap.lijit.com

IN CNAME

emeas.vap.lijit.com

emeas.vap.lijit.com

IN CNAME

eu.vap.lijit.com

eu.vap.lijit.com

IN CNAME

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

18.203.108.67

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

54.154.101.9

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

52.30.255.45

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

52.17.165.98

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

54.229.199.32

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

52.19.161.39

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

63.32.81.121

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

52.51.220.206
DNS

ap.lijit.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ap.lijit.com

IN A
DNS

ap.lijit.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ap.lijit.com

IN A
GET

https://usersync.gumgum.com/usersync?b=sad&i=6229780957390024286

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sad&i=6229780957390024286 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://g2.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:18 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=opx&i=a239d5dd-b4eb-4ff2-8137-e8518b0f81d3

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=opx&i=a239d5dd-b4eb-4ff2-8137-e8518b0f81d3 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://g2.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:19 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=apn&i=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://g2.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:19 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sus&i=ZfNl28Co8YIAAOd4Do0AAAAA

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sus&i=ZfNl28Co8YIAAOd4Do0AAAAA HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://g2.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:20 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:20 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=apn&i=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:20 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=apn&i=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:22 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=apn&i=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:23 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sus&i=ZfNl38Co8YIAAOd4D-wAAAAA

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sus&i=ZfNl38Co8YIAAOd4D-wAAAAA HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:23 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sus&i=ZfNl38Co8YIAAOd4EBsAAAAA

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sus&i=ZfNl38Co8YIAAOd4EBsAAAAA HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:23 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=zem&i=&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:23 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D19%26uid%3D%24%7BUID%7D

msedge.exe

Remote address:

35.186.253.211:443

Request

GET /sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D19%26uid%3D%24%7BUID%7D HTTP/2.0
host: rtb.openx.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D19%26uid%3D%24%7BUID%7D

msedge.exe

Remote address:

35.186.253.211:443

Request

GET /sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D19%26uid%3D%24%7BUID%7D HTTP/2.0
host: rtb.openx.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:18 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-176
x-xss-protection: 0
set-cookie: HAPLB8G=s85176|ZfNl3; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?nw=st&nuid=fHKyfRAKVDZ39DwilQps_1mVFzs

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?nw=st&nuid=fHKyfRAKVDZ39DwilQps_1mVFzs HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:18 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-106
x-xss-protection: 0
set-cookie: HAPLB8G=s86106|ZfNl3; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5141210830210547066

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?nw=zt&nuid=5141210830210547066 HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.unknowncheats.me/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:18 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-87
x-xss-protection: 0
set-cookie: HAPLB8G=s8587|ZfNl3; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:19 GMT
content-type: text/plain; charset=utf8
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-21
x-xss-protection: 0
set-cookie: HAPLB8G=s8521|ZfNl3; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-191
x-xss-protection: 0
set-cookie: HAPLB8G=s86191|ZfNl3; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
DNS

sync.1rx.io

msedge.exe

Remote address:

8.8.8.8:53

Request

sync.1rx.io

IN A

Response

sync.1rx.io

IN A

46.228.174.117
DNS

sync.1rx.io

msedge.exe

Remote address:

8.8.8.8:53

Request

sync.1rx.io

IN A

Response

sync.1rx.io

IN A

46.228.174.117
GET

https://usersync.gumgum.com/usersync?b=sad&i=9053718131989130816

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sad&i=9053718131989130816 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:55 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=apn&i=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:55 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=opx&i=9c16963e-5892-44cc-875a-60c67a6a1f4f&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=opx&i=9c16963e-5892-44cc-875a-60c67a6a1f4f&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:55 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sus&i=ZfNl-sCo8YsAALcG.k0AAAAA

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sus&i=ZfNl-sCo8YsAALcG.k0AAAAA HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:55 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sad&i=6457097766592687760

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sad&i=6457097766592687760 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:56 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=opx&i=cfc69cc5-e403-4454-bf8a-aa053dfbaa1f&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=opx&i=cfc69cc5-e403-4454-bf8a-aa053dfbaa1f&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:56 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=zem&i=&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:56 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sus&i=ZfNmAMCo8YsAALcG.vEAAAAA

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sus&i=ZfNmAMCo8YsAALcG.vEAAAAA HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:56 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=apn&i=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:56 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=vnt&i=1bb208a9-71cd-441e-b433-bd2a94f46887

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=vnt&i=1bb208a9-71cd-441e-b433-bd2a94f46887 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:57 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sad&i=4982400275696954953

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sad&i=4982400275696954953 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
DNS

prebid.a-mo.net

msedge.exe

Remote address:

8.8.8.8:53

Request

prebid.a-mo.net

IN A

Response

prebid.a-mo.net

IN CNAME

am6-prebid.a-mx.net

am6-prebid.a-mx.net

IN A

145.40.97.67

am6-prebid.a-mx.net

IN A

147.75.84.158

am6-prebid.a-mx.net

IN A

145.40.97.66
DNS

prebid.a-mo.net

msedge.exe

Remote address:

8.8.8.8:53

Request

prebid.a-mo.net

IN A

Response

ssc-cms.33across.com

IN CNAME

pixel.33across.com

pixel.33across.com

IN A

67.202.105.24

pixel.33across.com

IN A

67.202.105.21
DNS

ssc-cms.33across.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ssc-cms.33across.com

IN A

Response

ssc-cms.33across.com

IN CNAME

pixel.33across.com

pixel.33across.com

IN A

67.202.105.23

pixel.33across.com

IN A

67.202.105.24
DNS

ssc-cms.33across.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ssc-cms.33across.com

IN A
DNS

ups.analytics.yahoo.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ups.analytics.yahoo.com

IN A

Response

ups.analytics.yahoo.com

IN CNAME

prod.ups-ats.aolp-ds-prd.aws.oath.cloud

prod.ups-ats.aolp-ds-prd.aws.oath.cloud

IN CNAME

prod.ups-ats.eu-central-1.aolp-ds-prd.aws.oath.cloud

prod.ups-ats.eu-central-1.aolp-ds-prd.aws.oath.cloud

IN CNAME

ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud

ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud

IN A

3.71.149.231

ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud

IN A

3.75.62.37
DNS

ups.analytics.yahoo.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ups.analytics.yahoo.com

IN A
GET

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://g2.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:18 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=vnt&i=66d637b9-bbf9-49b4-abb5-0b3ceaefdf36

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=vnt&i=66d637b9-bbf9-49b4-abb5-0b3ceaefdf36 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://g2.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:18 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sad&i=2625197540751552148

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sad&i=2625197540751552148 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:20 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=zem&i=&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:21 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=vnt&i=0527c9e9-0001-4e92-b25a-2636167fd3c1

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=vnt&i=0527c9e9-0001-4e92-b25a-2636167fd3c1 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:21 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=opx&i=3f67069a-b229-4141-b580-89f371c28b11&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=opx&i=3f67069a-b229-4141-b580-89f371c28b11&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:22 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sus&i=ZfNl3sCo8YIAAOd4D94AAAAA

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sus&i=ZfNl3sCo8YIAAOd4D94AAAAA HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:23 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sad&i=5136342417665535719

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sad&i=5136342417665535719 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:23 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
DNS

213.245.248.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

213.245.248.13.in-addr.arpa

IN PTR

Response

213.245.248.13.in-addr.arpa

IN PTR

a0f671730127a0812awsglobalacceleratorcom
DNS

213.245.248.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

213.245.248.13.in-addr.arpa

IN PTR

Response

213.245.248.13.in-addr.arpa

IN PTR

a0f671730127a0812awsglobalacceleratorcom
DNS

206.54.22.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.54.22.104.in-addr.arpa

IN PTR

Response
DNS

206.54.22.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.54.22.104.in-addr.arpa

IN PTR

Response
DNS

8.159.244.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.159.244.35.in-addr.arpa

IN PTR

Response

8.159.244.35.in-addr.arpa

IN PTR

815924435bcgoogleusercontentcom
DNS

8.159.244.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.159.244.35.in-addr.arpa

IN PTR

Response

8.159.244.35.in-addr.arpa

IN PTR

815924435bcgoogleusercontentcom
DNS

123.51.241.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

123.51.241.34.in-addr.arpa

IN PTR

Response

123.51.241.34.in-addr.arpa

IN PTR

ec2-34-241-51-123 eu-west-1compute amazonawscom
DNS

123.51.241.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

123.51.241.34.in-addr.arpa

IN PTR
DNS

2.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.178.250.142.in-addr.arpa

IN PTR

Response

2.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f21e100net
DNS

2.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.178.250.142.in-addr.arpa

IN PTR

Response

2.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f21e100net
DNS

131.169.93.208.in-addr.arpa

Remote address:

8.8.8.8:53

Request

131.169.93.208.in-addr.arpa

IN PTR

Response
DNS

131.169.93.208.in-addr.arpa

Remote address:

8.8.8.8:53

Request

131.169.93.208.in-addr.arpa

IN PTR

Response
DNS

204.16.207.89.in-addr.arpa

Remote address:

8.8.8.8:53

Request

204.16.207.89.in-addr.arpa

IN PTR

Response

204.16.207.89.in-addr.arpa

IN PTR

ams04-nessy-float2dotomicom
DNS

204.16.207.89.in-addr.arpa

Remote address:

8.8.8.8:53

Request

204.16.207.89.in-addr.arpa

IN PTR
DNS

233.6.157.37.in-addr.arpa

Remote address:

8.8.8.8:53

Request

233.6.157.37.in-addr.arpa

IN PTR

Response
DNS

233.6.157.37.in-addr.arpa

Remote address:

8.8.8.8:53

Request

233.6.157.37.in-addr.arpa

IN PTR
DNS

90.8.184.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

90.8.184.185.in-addr.arpa

IN PTR

Response

90.8.184.185.in-addr.arpa

IN PTR

ip-185-184-8-90rtbhousenet
DNS

90.8.184.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

90.8.184.185.in-addr.arpa

IN PTR
DNS

84.211.89.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

84.211.89.185.in-addr.arpa

IN PTR

Response

84.211.89.185.in-addr.arpa

IN PTR

959bm-nginx-loadbalancermgmtams3adnexusnet
DNS

84.211.89.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

84.211.89.185.in-addr.arpa

IN PTR
DNS

8.150.197.169.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.150.197.169.in-addr.arpa

IN PTR

Response

8.150.197.169.in-addr.arpa

IN PTR

g deepintentcom
DNS

8.150.197.169.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.150.197.169.in-addr.arpa

IN PTR
DNS

95.142.31.50.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.142.31.50.in-addr.arpa

IN PTR

Response

95.142.31.50.in-addr.arpa

IN PTR

chioutbraincom
DNS

95.142.31.50.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.142.31.50.in-addr.arpa

IN PTR
DNS

145.44.71.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

145.44.71.52.in-addr.arpa

IN PTR

Response

145.44.71.52.in-addr.arpa

IN PTR

ec2-52-71-44-145 compute-1 amazonawscom
DNS

145.44.71.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

145.44.71.52.in-addr.arpa

IN PTR
DNS

34.1.166.69.in-addr.arpa

Remote address:

8.8.8.8:53

Request

34.1.166.69.in-addr.arpa

IN PTR

Response
DNS

34.1.166.69.in-addr.arpa

Remote address:

8.8.8.8:53

Request

34.1.166.69.in-addr.arpa

IN PTR
DNS

161.153.146.124.in-addr.arpa

Remote address:

8.8.8.8:53

Request

161.153.146.124.in-addr.arpa

IN PTR

Response
DNS

161.153.146.124.in-addr.arpa

Remote address:

8.8.8.8:53

Request

161.153.146.124.in-addr.arpa

IN PTR
DNS

211.253.186.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

211.253.186.35.in-addr.arpa

IN PTR

Response

211.253.186.35.in-addr.arpa

IN PTR

21125318635bcgoogleusercontentcom
DNS

211.253.186.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

211.253.186.35.in-addr.arpa

IN PTR
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58559/occ

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58559/occ HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58632/occ

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58632/occ HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

msedge.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58448/occ?uid=191beab17e050a277%26uid%3D HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:02:18 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:07:19 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 1
GET

https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:02:18 GMT
location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:07:19 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 1
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:02:19 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:07:20 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 2
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:02:20 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:07:21 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 1
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:02:51 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:07:52 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 1
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:02:52 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:07:52 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 0
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:02:52 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:07:53 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 0
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:02:54 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:07:55 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 6
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:02:55 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:07:55 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 3
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:02:57 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:07:57 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 1
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:21 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:08:21 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 0
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:22 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:08:22 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 0
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:21 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:08:22 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 1
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:22 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:08:23 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 0
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:24 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:08:24 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 1
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:24 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:08:24 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 0
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:26 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:08:26 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 1
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:27 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:08:27 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 0
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:29 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:08:29 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 0
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:31 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:08:31 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 1
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:51 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:08:52 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 1
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:52 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:08:53 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 0
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:54 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:08:54 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 1
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:56 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:08:56 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 1
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:58 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:08:58 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 1
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:03:59 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:09:00 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 7
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:04:01 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:09:01 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 0
GET

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

msedge.exe

Remote address:

145.40.97.67:443

Request

GET /cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D HTTP/2.0
host: prebid.a-mo.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _Amc_b=0

Response

HTTP/2.0 302

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 14 Mar 2024 21:04:01 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=81&uid=?gdpr=0&gdpr_consent=0
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Thu, 14 Mar 2024 21:09:02 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 0
DNS

ib.adnxs.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ib.adnxs.com

IN A

Response

ib.adnxs.com

IN CNAME

g.geo.appnexusgslb.net

g.geo.appnexusgslb.net

IN CNAME

ib.anycast.adnxs.com

ib.anycast.adnxs.com

IN A

185.89.210.90

ib.anycast.adnxs.com

IN A

185.89.210.180

ib.anycast.adnxs.com

IN A

185.89.211.12

ib.anycast.adnxs.com

IN A

185.89.210.46

ib.anycast.adnxs.com

IN A

185.89.211.116

ib.anycast.adnxs.com

IN A

185.89.210.20

ib.anycast.adnxs.com

IN A

185.89.210.153

ib.anycast.adnxs.com

IN A

185.89.210.141

ib.anycast.adnxs.com

IN A

185.89.210.212

ib.anycast.adnxs.com

IN A

185.89.210.244

ib.anycast.adnxs.com

IN A

185.89.210.122

ib.anycast.adnxs.com

IN A

185.89.211.84
DNS

ib.adnxs.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ib.adnxs.com

IN A

Response

ib.adnxs.com

IN CNAME

g.geo.appnexusgslb.net

g.geo.appnexusgslb.net

IN CNAME

ib.anycast.adnxs.com

ib.anycast.adnxs.com

IN A

185.89.210.90

ib.anycast.adnxs.com

IN A

185.89.210.180

ib.anycast.adnxs.com

IN A

185.89.211.12

ib.anycast.adnxs.com

IN A

185.89.210.46

ib.anycast.adnxs.com

IN A

185.89.211.116

ib.anycast.adnxs.com

IN A

185.89.210.20

ib.anycast.adnxs.com

IN A

185.89.210.153

ib.anycast.adnxs.com

IN A

185.89.210.141

ib.anycast.adnxs.com

IN A

185.89.210.212

ib.anycast.adnxs.com

IN A

185.89.210.244

ib.anycast.adnxs.com

IN A

185.89.210.122

ib.anycast.adnxs.com

IN A

185.89.211.84
DNS

ce.lijit.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ce.lijit.com

IN A

Response

ce.lijit.com

IN CNAME

ce-ew1.lijit.com

ce-ew1.lijit.com

IN CNAME

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

52.18.81.199

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

52.208.110.223

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

34.246.118.212

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

52.16.5.90

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

52.50.177.153

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

34.242.0.137

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

52.214.8.205

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

52.209.217.26
DNS

ce.lijit.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ce.lijit.com

IN A

Response

ce.lijit.com

IN CNAME

ce-ew1.lijit.com

ce-ew1.lijit.com

IN CNAME

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

52.50.177.153

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

52.209.217.26

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

54.155.46.140

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

52.214.8.205

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

34.242.0.137

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

52.48.98.218

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

34.248.19.205

raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com

IN A

54.72.52.169
GET

https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP/2.0
host: sync.1rx.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:19 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-003ae4c6-e445-4d13-979b-1c8410698f49-003%22%2C%22zdxidn%22%3A%222064%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D%22%7D; path=/; expires=Fri, 14 Mar 2025 21:02:19 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450139161
etag: RX003ae4c6e4454d13979b1c8410698f49003
GET

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP/2.0
host: sync.1rx.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:19 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=22&uid=OPTOUT
etag: OPTOUT
GET

https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450139161

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450139161 HTTP/2.0
host: sync.1rx.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:19 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-d3b98511-2f7a-4fc8-bc36-39bb2f96859c-003%22%2C%22zdxidn%22%3A%222069.26%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%22%7D; path=/; expires=Fri, 14 Mar 2025 21:02:19 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1710450139554
etag: RXd3b985112f7a4fc8bc3639bb2f96859c003
GET

https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP/2.0
host: sync.1rx.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-d6a93a43-778b-4c9c-b0b7-4c37e7820666-003%22%2C%22zdxidn%22%3A%222064%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D%22%7D; path=/; expires=Fri, 14 Mar 2025 21:02:20 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450140100
etag: RXd6a93a43778b4c9cb0b74c37e7820666003
GET

https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450140100

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450140100 HTTP/2.0
host: sync.1rx.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:20 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=22&uid=OPTOUT
etag: OPTOUT
GET

https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP/2.0
host: sync.1rx.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:21 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-87a5721d-b340-41a7-bb5c-a9a628014f7b-003%22%2C%22zdxidn%22%3A%222064%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D%22%7D; path=/; expires=Fri, 14 Mar 2025 21:02:21 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450141431
etag: RX87a5721db34041a7bb5ca9a628014f7b003
GET

https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450141431

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450141431 HTTP/2.0
host: sync.1rx.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:21 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=22&uid=OPTOUT
etag: OPTOUT
GET

https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1710450139554

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1710450139554 HTTP/2.0
host: sync.1rx.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
etag: OPTOUT
DNS

ssp.disqus.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ssp.disqus.com

IN A

Response

ssp.disqus.com

IN CNAME

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

54.92.234.85

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

34.203.46.26

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

3.230.35.233

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

18.211.88.58

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

3.215.148.169

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

3.222.70.158

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

54.243.61.221

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

34.197.250.40
DNS

ssp.disqus.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ssp.disqus.com

IN A

Response

ssp.disqus.com

IN CNAME

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

54.92.234.85

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

34.203.46.26

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

3.230.35.233

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

18.211.88.58

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

3.215.148.169

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

3.222.70.158

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

54.243.61.221

zeta-ssp-385516103.us-east-1.elb.amazonaws.com

IN A

34.197.250.40
DNS

ads.dxkulture.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ads.dxkulture.com

IN A

Response

ads.dxkulture.com

IN CNAME

do-default-lb.dxkulture.com

do-default-lb.dxkulture.com

IN A

45.55.126.71
DNS

ads.dxkulture.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ads.dxkulture.com

IN A

Response

ads.dxkulture.com

IN CNAME

do-default-lb.dxkulture.com

do-default-lb.dxkulture.com

IN A

45.55.126.71
GET

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D

msedge.exe

Remote address:

52.18.81.199:443

Request

GET /merge?pid=273657&3pid=273657&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP/2.0
host: ce.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:19 GMT
x-merge: Optout true
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pragma: no-cache
expires: Fri, 20 Mar 2009 00:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
GET

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID

msedge.exe

Remote address:

54.92.234.85:443

Request

GET /redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP/2.0
host: ssp.disqus.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:19 GMT
cache-control: no-store
pragma: no-cache
expires: 0
GET

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.dxkulture.com%2Fsetuid%3Fbidder%3Dzeta%26uid%3D%24UID&partner=kulturemedia

msedge.exe

Remote address:

54.92.234.85:443

Request

GET /redirectuser?r=https%3A%2F%2Fads.dxkulture.com%2Fsetuid%3Fbidder%3Dzeta%26uid%3D%24UID&partner=kulturemedia HTTP/2.0
host: ssp.disqus.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://cdn.dxkulture.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:19 GMT
cache-control: no-store
pragma: no-cache
expires: 0
DNS

sync-eu.connectad.io

msedge.exe

Remote address:

8.8.8.8:53

Request

sync-eu.connectad.io

IN A

Response

sync-eu.connectad.io

IN A

104.22.54.206

sync-eu.connectad.io

IN A

104.22.55.206

sync-eu.connectad.io

IN A

172.67.8.174
DNS

sync-eu.connectad.io

msedge.exe

Remote address:

8.8.8.8:53

Request

sync-eu.connectad.io

IN A
GET

https://ads.dxkulture.com/usync?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D369%26uid%3D%24UID

msedge.exe

Remote address:

45.55.126.71:443

Request

GET /usync?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D369%26uid%3D%24UID HTTP/1.1
Host: ads.dxkulture.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://cdn.dxkulture.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 14 Mar 2024 21:02:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 119
Connection: close
Cache-Control: no-cache, no-store
Location: https://ads.servenobid.com/sync?pid=369&uid=8ef2cb38-8c36-4e69-80d6-9f685d2f2d66
Set-Cookie: mtuid=8ef2cb38-8c36-4e69-80d6-9f685d2f2d66; Path=/; Domain=dxkulture.com; Expires=Tue, 10 Sep 2024 21:02:19 GMT; Secure; SameSite=None
Vary: Origin
Strict-Transport-Security: max-age=15724800; includeSubDomains
GET

https://ads.dxkulture.com/usync/lr.gif

msedge.exe

Remote address:

45.55.126.71:443

Request

GET /usync/lr.gif HTTP/1.1
Host: ads.dxkulture.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://cdn.dxkulture.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Date: Thu, 14 Mar 2024 21:02:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 107
Connection: close
Cache-Control: no-cache, no-store
Location: https://idsync.rlcdn.com/712910.gif?partner_uid=2fe71f95-f992-4311-8df2-794ceaa27aab
Set-Cookie: mtuid=2fe71f95-f992-4311-8df2-794ceaa27aab; Path=/; Domain=dxkulture.com; Expires=Tue, 10 Sep 2024 21:02:19 GMT; Secure; SameSite=None
Vary: Origin
Strict-Transport-Security: max-age=15724800; includeSubDomains
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?pid=273657&3pid=273657&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:20 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:21 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:51 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:52 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:53 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:55 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:55 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:57 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:22 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:22 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:23 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:23 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:24 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:24 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:27 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:31 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:52 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:53 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:56 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:57 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:59 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:04:00 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

msedge.exe

Remote address:

18.203.108.67:443

Request

GET /pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID HTTP/2.0
host: ap.lijit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:04:02 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
DNS

image8.pubmatic.com

msedge.exe

Remote address:

8.8.8.8:53

Request

image8.pubmatic.com

IN A

Response

image8.pubmatic.com

IN CNAME

image8-v2.pubmnet.com

image8-v2.pubmnet.com

IN CNAME

imagesync-lhrc.pubmnet.com

imagesync-lhrc.pubmnet.com

IN A

185.64.190.79
DNS

image8.pubmatic.com

msedge.exe

Remote address:

8.8.8.8:53

Request

image8.pubmatic.com

IN A

Response

image8.pubmatic.com

IN CNAME

image8-v2.pubmnet.com

image8-v2.pubmnet.com

IN CNAME

imagesync-lhrc.pubmnet.com

imagesync-lhrc.pubmnet.com

IN A

185.64.190.79
DNS

match.sharethrough.com

msedge.exe

Remote address:

8.8.8.8:53

Request

match.sharethrough.com

IN A

Response

match.sharethrough.com

IN CNAME

match-eu-central-1-ecs.sharethrough.com

match-eu-central-1-ecs.sharethrough.com

IN A

18.158.75.183

match-eu-central-1-ecs.sharethrough.com

IN A

3.122.73.140

match-eu-central-1-ecs.sharethrough.com

IN A

52.28.186.109

match-eu-central-1-ecs.sharethrough.com

IN A

52.29.151.147

match-eu-central-1-ecs.sharethrough.com

IN A

54.93.196.121

match-eu-central-1-ecs.sharethrough.com

IN A

3.122.11.77

match-eu-central-1-ecs.sharethrough.com

IN A

18.197.241.118

match-eu-central-1-ecs.sharethrough.com

IN A

52.59.69.244
DNS

ssbsync-global.smartadserver.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ssbsync-global.smartadserver.com

IN A

Response

ssbsync-global.smartadserver.com

IN CNAME

usersync-geo-global.usersync-prod-sas.akadns.net

usersync-geo-global.usersync-prod-sas.akadns.net

IN CNAME

ssbsync-euw1.smartadserver.com

ssbsync-euw1.smartadserver.com

IN A

81.17.55.122

ssbsync-euw1.smartadserver.com

IN A

81.17.55.108

ssbsync-euw1.smartadserver.com

IN A

81.17.55.170

ssbsync-euw1.smartadserver.com

IN A

89.149.192.196

ssbsync-euw1.smartadserver.com

IN A

89.149.192.75

ssbsync-euw1.smartadserver.com

IN A

89.149.192.245

ssbsync-euw1.smartadserver.com

IN A

89.149.192.244

ssbsync-euw1.smartadserver.com

IN A

81.17.55.123

ssbsync-euw1.smartadserver.com

IN A

81.17.55.109

ssbsync-euw1.smartadserver.com

IN A

81.17.55.171

ssbsync-euw1.smartadserver.com

IN A

89.149.192.76

ssbsync-euw1.smartadserver.com

IN A

89.149.192.197
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP016
date: Thu, 14 Mar 2024 21:02:18 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP006
date: Thu, 14 Mar 2024 21:02:20 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP017
date: Thu, 14 Mar 2024 21:02:21 GMT
DNS

sync.mathtag.com

msedge.exe

Remote address:

8.8.8.8:53

Request

sync.mathtag.com

IN A

Response

sync.mathtag.com

IN CNAME

pixel-origin.mathtag.com

pixel-origin.mathtag.com

IN A

216.200.232.253

pixel-origin.mathtag.com

IN A

74.121.140.211

pixel-origin.mathtag.com

IN A

216.200.232.249
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:18 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:19 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:20 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:51 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:51 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:52 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:55 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:54 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:57 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:21 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:23 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:22 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:22 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:23 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:23 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:27 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:26 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:30 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:30 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:51 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:53 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:54 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:57 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:57 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:59 GMT
content-length: 0
GET

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

msedge.exe

Remote address:

185.64.190.79:443

Request

GET /AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID HTTP/2.0
host: image8.pubmatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:04:00 GMT
content-length: 0
DNS

hbx.media.net

msedge.exe

Remote address:

8.8.8.8:53

Request

hbx.media.net

IN A

Response

hbx.media.net

IN A

23.44.232.24
DNS

hbx.media.net

msedge.exe

Remote address:

8.8.8.8:53

Request

hbx.media.net

IN A

Response

hbx.media.net

IN A

23.44.232.24
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:20 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:20 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:21 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=KW3eSFMR&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-& HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:22 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:52 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:52 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:53 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:55 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:55 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:02:58 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:22 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:22 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:22 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:23 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:24 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:24 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:27 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:27 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:30 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:31 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:52 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:54 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:55 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:56 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:03:58 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:04:00 GMT
GET

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

msedge.exe

Remote address:

18.158.75.183:443

Request

GET /universal/v1?supply_id=Uj448boa HTTP/2.0
host: match.sharethrough.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 14 Mar 2024 21:04:01 GMT
GET

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

msedge.exe

Remote address:

216.200.232.253:443

Request

GET /sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Thu, 14 Mar 2024 21:02:20 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 1549 cea2cde master ord ord-pixel-x5 config_version:"437"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=7d1c65f3-65dd-4200-918e-bbf55b6807fa; domain=.mathtag.com; path=/; expires=Fri, 11-Apr-2025 21:02:21 GMT; SameSite=None; Secure
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=61&uid=7d1c65f3-65dd-4200-918e-bbf55b6807fa&gdpr=0&gdpr_consent=0
Expires: Thu, 14 Mar 2024 21:02:19 GMT
GET

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

msedge.exe

Remote address:

216.200.232.253:443

Request

GET /sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Thu, 14 Mar 2024 21:02:21 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 1549 cea2cde master ord ord-pixel-x10 config_version:"437"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=965e65f3-65dd-4c00-af0f-340f6521889d; domain=.mathtag.com; path=/; expires=Fri, 11-Apr-2025 21:02:21 GMT; SameSite=None; Secure
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=61&uid=965e65f3-65dd-4c00-af0f-340f6521889d&gdpr=0&gdpr_consent=0
Expires: Thu, 14 Mar 2024 21:02:20 GMT
GET

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

msedge.exe

Remote address:

216.200.232.253:443

Request

GET /sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Thu, 14 Mar 2024 21:02:22 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 1549 cea2cde master ord ord-pixel-x48 config_version:"437"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=332565f3-65de-4800-b8cc-a339fbf1c261; domain=.mathtag.com; path=/; expires=Fri, 11-Apr-2025 21:02:22 GMT; SameSite=None; Secure
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=61&uid=332565f3-65de-4800-b8cc-a339fbf1c261&gdpr=0&gdpr_consent=0
Expires: Thu, 14 Mar 2024 21:02:21 GMT
GET

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

msedge.exe

Remote address:

216.200.232.253:443

Request

GET /sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Thu, 14 Mar 2024 21:02:54 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 1549 cea2cde master ord ord-pixel-x28 config_version:"437"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=523065f3-65fe-4800-b54d-45cd6a4e9875; domain=.mathtag.com; path=/; expires=Fri, 11-Apr-2025 21:02:54 GMT; SameSite=None; Secure
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=61&uid=523065f3-65fe-4800-b54d-45cd6a4e9875&gdpr=0&gdpr_consent=0
Expires: Thu, 14 Mar 2024 21:02:53 GMT
GET

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

msedge.exe

Remote address:

216.200.232.253:443

Request

GET /sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Thu, 14 Mar 2024 21:02:55 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 1549 cea2cde master ord ord-pixel-x21 config_version:"437"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=b79d65f3-65ff-4d00-8006-f448e48815db; domain=.mathtag.com; path=/; expires=Fri, 11-Apr-2025 21:02:55 GMT; SameSite=None; Secure
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=61&uid=b79d65f3-65ff-4d00-8006-f448e48815db&gdpr=0&gdpr_consent=0
Expires: Thu, 14 Mar 2024 21:02:54 GMT
GET

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

msedge.exe

Remote address:

216.200.232.253:443

Request

GET /sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Thu, 14 Mar 2024 21:02:55 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 1549 cea2cde master ord ord-pixel-x51 config_version:"437"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=df1765f3-65ff-4100-804f-c3976fcdb3ef; domain=.mathtag.com; path=/; expires=Fri, 11-Apr-2025 21:02:55 GMT; SameSite=None; Secure
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=61&uid=df1765f3-65ff-4100-804f-c3976fcdb3ef&gdpr=0&gdpr_consent=0
Expires: Thu, 14 Mar 2024 21:02:54 GMT
GET

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

msedge.exe

Remote address:

216.200.232.253:443

Request

GET /sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Thu, 14 Mar 2024 21:02:58 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 1549 cea2cde master ord ord-pixel-x49 config_version:"437"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=0f1765f3-6602-4b00-bea4-ac447ff80491; domain=.mathtag.com; path=/; expires=Fri, 11-Apr-2025 21:02:58 GMT; SameSite=None; Secure
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=61&uid=0f1765f3-6602-4b00-bea4-ac447ff80491&gdpr=0&gdpr_consent=0
Expires: Thu, 14 Mar 2024 21:02:57 GMT
GET

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

msedge.exe

Remote address:

216.200.232.253:443

Request

GET /sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Thu, 14 Mar 2024 21:03:23 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 1549 cea2cde master ord ord-pixel-x22 config_version:"437"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=f2b965f3-661b-4c00-8b7a-34f5fd2b71f3; domain=.mathtag.com; path=/; expires=Fri, 11-Apr-2025 21:03:23 GMT; SameSite=None; Secure
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=61&uid=f2b965f3-661b-4c00-8b7a-34f5fd2b71f3&gdpr=0&gdpr_consent=0
Expires: Thu, 14 Mar 2024 21:03:22 GMT
GET

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

msedge.exe

Remote address:

216.200.232.253:443

Request

GET /sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Thu, 14 Mar 2024 21:03:23 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 1549 cea2cde master ord ord-pixel-x53 config_version:"437"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=6ffd65f3-661c-4e00-8aa6-8440c23ae6b0; domain=.mathtag.com; path=/; expires=Fri, 11-Apr-2025 21:03:24 GMT; SameSite=None; Secure
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=61&uid=6ffd65f3-661c-4e00-8aa6-8440c23ae6b0&gdpr=0&gdpr_consent=0
Expires: Thu, 14 Mar 2024 21:03:22 GMT
GET

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

msedge.exe

Remote address:

216.200.232.253:443

Request

GET /sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Thu, 14 Mar 2024 21:03:24 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 1549 cea2cde master ord ord-pixel-x29 config_version:"437"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=cd6365f3-661c-4f00-9d0b-c84b32d12451; domain=.mathtag.com; path=/; expires=Fri, 11-Apr-2025 21:03:24 GMT; SameSite=None; Secure
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=61&uid=cd6365f3-661c-4f00-9d0b-c84b32d12451&gdpr=0&gdpr_consent=0
Expires: Thu, 14 Mar 2024 21:03:23 GMT
GET

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

msedge.exe

Remote address:

216.200.232.253:443

Request

GET /sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Thu, 14 Mar 2024 21:03:31 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 1549 cea2cde master ord ord-pixel-x3 config_version:"437"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=1ab565f3-6623-4400-8381-7a7859e48ee1; domain=.mathtag.com; path=/; expires=Fri, 11-Apr-2025 21:03:31 GMT; SameSite=None; Secure
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=61&uid=1ab565f3-6623-4400-8381-7a7859e48ee1&gdpr=0&gdpr_consent=0
Expires: Thu, 14 Mar 2024 21:03:30 GMT
GET

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

msedge.exe

Remote address:

216.200.232.253:443

Request

GET /sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Thu, 14 Mar 2024 21:03:31 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 1549 cea2cde master ord ord-pixel-x58 config_version:"437"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=0c7765f3-6624-4200-82cd-1cc86111c60f; domain=.mathtag.com; path=/; expires=Fri, 11-Apr-2025 21:03:32 GMT; SameSite=None; Secure
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=61&uid=0c7765f3-6624-4200-82cd-1cc86111c60f&gdpr=0&gdpr_consent=0
Expires: Thu, 14 Mar 2024 21:03:30 GMT
GET

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

msedge.exe

Remote address:

216.200.232.253:443

Request

GET /sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Thu, 14 Mar 2024 21:03:55 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 1549 cea2cde master ord ord-pixel-x48 config_version:"437"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=b62365f3-663b-4500-8d0b-e7425ef4d7e1; domain=.mathtag.com; path=/; expires=Fri, 11-Apr-2025 21:03:55 GMT; SameSite=None; Secure
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=61&uid=b62365f3-663b-4500-8d0b-e7425ef4d7e1&gdpr=0&gdpr_consent=0
Expires: Thu, 14 Mar 2024 21:03:54 GMT
GET

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

msedge.exe

Remote address:

216.200.232.253:443

Request

GET /sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Thu, 14 Mar 2024 21:03:59 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 1549 cea2cde master ord ord-pixel-x56 config_version:"437"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=5d3265f3-663f-4f00-937f-d5177f47b49d; domain=.mathtag.com; path=/; expires=Fri, 11-Apr-2025 21:03:59 GMT; SameSite=None; Secure
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=61&uid=5d3265f3-663f-4f00-937f-d5177f47b49d&gdpr=0&gdpr_consent=0
Expires: Thu, 14 Mar 2024 21:03:58 GMT
GET

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

msedge.exe

Remote address:

216.200.232.253:443

Request

GET /sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Date: Thu, 14 Mar 2024 21:04:01 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 1549 cea2cde master ord ord-pixel-x51 config_version:"437"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=7c3265f3-6641-4300-a7d0-fe91ac218536; domain=.mathtag.com; path=/; expires=Fri, 11-Apr-2025 21:04:01 GMT; SameSite=None; Secure
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=61&uid=7c3265f3-6641-4300-a7d0-fe91ac218536&gdpr=0&gdpr_consent=0
Expires: Thu, 14 Mar 2024 21:04:00 GMT
DNS

prebid-server.rubiconproject.com

msedge.exe

Remote address:

8.8.8.8:53

Request

prebid-server.rubiconproject.com

IN A

Response

prebid-server.rubiconproject.com

IN CNAME

prebid-server.rubiconproject.net.akadns.net

prebid-server.rubiconproject.net.akadns.net

IN CNAME

prebid-server-perf-eu.rubiconproject.net.akadns.net

prebid-server-perf-eu.rubiconproject.net.akadns.net

IN A

213.19.162.71
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=88&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:02:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:20 GMT
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=88&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:02:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:21 GMT
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=88&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:02:22 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:22 GMT
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:02:22 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:22 GMT
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=88&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:02:54 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:54 GMT
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=88&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:02:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:55 GMT
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=88&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:02:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:56 GMT
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=88&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:02:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:02:59 GMT
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=88&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:03:23 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:03:23 GMT
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=88&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:03:24 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:03:24 GMT
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=88&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:03:24 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:03:24 GMT
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=88&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:03:31 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:03:31 GMT
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=88&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:03:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:03:32 GMT
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=88&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:03:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:03:56 GMT
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=88&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:03:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:03:59 GMT
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

msedge.exe

Remote address:

23.44.232.24:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=88&uid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 14 Mar 2024 21:04:01 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Mar 2024 21:04:01 GMT
DNS

117.174.228.46.in-addr.arpa

Remote address:

8.8.8.8:53

Request

117.174.228.46.in-addr.arpa

IN PTR

Response
DNS

67.97.40.145.in-addr.arpa

Remote address:

8.8.8.8:53

Request

67.97.40.145.in-addr.arpa

IN PTR

Response
DNS

231.149.71.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

231.149.71.3.in-addr.arpa

IN PTR

Response

231.149.71.3.in-addr.arpa

IN PTR

ec2-3-71-149-231eu-central-1compute amazonawscom
DNS

199.81.18.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

199.81.18.52.in-addr.arpa

IN PTR

Response

199.81.18.52.in-addr.arpa

IN PTR

ec2-52-18-81-199 eu-west-1compute amazonawscom
DNS

85.234.92.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

85.234.92.54.in-addr.arpa

IN PTR

Response

85.234.92.54.in-addr.arpa

IN PTR

ec2-54-92-234-85 compute-1 amazonawscom
DNS

71.126.55.45.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.126.55.45.in-addr.arpa

IN PTR

Response
DNS

67.108.203.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

67.108.203.18.in-addr.arpa

IN PTR

Response

67.108.203.18.in-addr.arpa

IN PTR

ec2-18-203-108-67 eu-west-1compute amazonawscom
DNS

79.190.64.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.190.64.185.in-addr.arpa

IN PTR

Response
DNS

79.190.64.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.190.64.185.in-addr.arpa

IN PTR

Response
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&bidid=321206534-19072067-24490-0&id=191beab17e050a2&uid=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&bidid=321206534-19072067-24490-0&id=191beab17e050a2&uid=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://usersync.gumgum.com/usersync?b=vnt&i=eb79bc10-a9ac-4daf-af96-5ff1796862b7

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=vnt&i=eb79bc10-a9ac-4daf-af96-5ff1796862b7 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:23 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
DNS

24.105.202.67.in-addr.arpa

Remote address:

8.8.8.8:53

Request

24.105.202.67.in-addr.arpa

IN PTR

Response

24.105.202.67.in-addr.arpa

IN PTR

ip24 67-202-105staticsteadfastdnsnet
DNS

24.105.202.67.in-addr.arpa

Remote address:

8.8.8.8:53

Request

24.105.202.67.in-addr.arpa

IN PTR
DNS

24.105.202.67.in-addr.arpa

Remote address:

8.8.8.8:53

Request

24.105.202.67.in-addr.arpa

IN PTR
DNS

183.75.158.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.75.158.18.in-addr.arpa

IN PTR

Response

183.75.158.18.in-addr.arpa

IN PTR

ec2-18-158-75-183eu-central-1compute amazonawscom
DNS

183.75.158.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.75.158.18.in-addr.arpa

IN PTR
DNS

183.75.158.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.75.158.18.in-addr.arpa

IN PTR
DNS

253.232.200.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

253.232.200.216.in-addr.arpa

IN PTR

Response
DNS

253.232.200.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

253.232.200.216.in-addr.arpa

IN PTR
DNS

253.232.200.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

253.232.200.216.in-addr.arpa

IN PTR
DNS

24.232.44.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

24.232.44.23.in-addr.arpa

IN PTR

Response

24.232.44.23.in-addr.arpa

IN PTR

a23-44-232-24deploystaticakamaitechnologiescom
DNS

24.232.44.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

24.232.44.23.in-addr.arpa

IN PTR
DNS

24.232.44.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

24.232.44.23.in-addr.arpa

IN PTR
DNS

71.162.19.213.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.162.19.213.in-addr.arpa

IN PTR

Response
DNS

71.162.19.213.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.162.19.213.in-addr.arpa

IN PTR
DNS

71.162.19.213.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.162.19.213.in-addr.arpa

IN PTR
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-73
x-xss-protection: 0
set-cookie: HAPLB8G=s8673|ZfNl4; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
DNS

dblksync.dblks.net

msedge.exe

Remote address:

8.8.8.8:53

Request

dblksync.dblks.net

IN A

Response

dblksync.dblks.net

IN A

104.21.49.210

dblksync.dblks.net

IN A

172.67.193.140
DNS

dblksync.dblks.net

msedge.exe

Remote address:

8.8.8.8:53

Request

dblksync.dblks.net

IN A
GET

https://dblksync.dblks.net/dblksync/

msedge.exe

Remote address:

104.21.49.210:443

Request

GET /dblksync/ HTTP/2.0
host: dblksync.dblks.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:22 GMT
content-type: text/html
last-modified: Tue, 14 Nov 2023 18:39:41 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YudEN%2Bh0dkHBBnoNGkOBrEGLbL%2Fhh05tVspFuig0UEPB3Fawx1OJCoYFi0%2BQ8Q6w9NksYwG8aTgATo5FveMoryijZWoTIh0xdgTLYfX0zsVeexgVNnFYIYsAU4%2Fvr3U0DIrkQGA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8647344b6f4324d4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

idsync.rlcdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

idsync.rlcdn.com

IN A

Response

idsync.rlcdn.com

IN A

35.244.174.68
DNS

idsync.rlcdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

idsync.rlcdn.com

IN A

Response

idsync.rlcdn.com

IN A

35.244.174.68
GET

https://idsync.rlcdn.com/712910.gif?partner_uid=2fe71f95-f992-4311-8df2-794ceaa27aab

msedge.exe

Remote address:

35.244.174.68:443

Request

GET /712910.gif?partner_uid=2fe71f95-f992-4311-8df2-794ceaa27aab HTTP/2.0
host: idsync.rlcdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://cdn.dxkulture.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

210.49.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.49.21.104.in-addr.arpa

IN PTR

Response
DNS

210.49.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.49.21.104.in-addr.arpa

IN PTR
DNS

68.174.244.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

68.174.244.35.in-addr.arpa

IN PTR

Response

68.174.244.35.in-addr.arpa

IN PTR

6817424435bcgoogleusercontentcom
DNS

68.174.244.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

68.174.244.35.in-addr.arpa

IN PTR
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:52 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-152
x-xss-protection: 0
set-cookie: HAPLB8G=s85152|ZfNl/; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:52 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-192
x-xss-protection: 0
set-cookie: HAPLB8G=s85192|ZfNl/; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:53 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-195
x-xss-protection: 0
set-cookie: HAPLB8G=s85195|ZfNmA; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

msedge.exe

Remote address:

51.75.86.98:443

Request

GET /usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP019
date: Thu, 14 Mar 2024 21:02:52 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP002
date: Thu, 14 Mar 2024 21:02:52 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP013
date: Thu, 14 Mar 2024 21:02:52 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP003
date: Thu, 14 Mar 2024 21:02:55 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP017
date: Thu, 14 Mar 2024 21:02:55 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP014
date: Thu, 14 Mar 2024 21:02:57 GMT
GET

https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP/2.0
host: sync.1rx.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:53 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-9e742972-dafe-4d6e-b836-4c386e9c72f9-003%22%2C%22zdxidn%22%3A%222064%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D%22%7D; path=/; expires=Fri, 14 Mar 2025 21:02:53 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450173735
etag: RX9e742972dafe4d6eb8364c386e9c72f9003
GET

https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450173735

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450173735 HTTP/2.0
host: sync.1rx.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:53 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=22&uid=OPTOUT
etag: OPTOUT
GET

https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP/2.0
host: sync.1rx.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:54 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-f6706c22-345f-44a4-878e-7414eeaf425a-003%22%2C%22zdxidn%22%3A%222064%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D%22%7D; path=/; expires=Fri, 14 Mar 2025 21:02:54 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450174620
etag: RXf6706c22345f44a4878e7414eeaf425a003
GET

https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP/2.0
host: sync.1rx.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:55 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-b76f6327-7e53-476e-85c8-1a6e68ab0422-003%22%2C%22zdxidn%22%3A%222064%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D%22%7D; path=/; expires=Fri, 14 Mar 2025 21:02:55 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450175472
etag: RXb76f63277e53476e85c81a6e68ab0422003
GET

https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450174620

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450174620 HTTP/2.0
host: sync.1rx.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:55 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=22&uid=OPTOUT
etag: OPTOUT
GET

https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450175472

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450175472 HTTP/2.0
host: sync.1rx.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:02:56 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=22&uid=OPTOUT
etag: OPTOUT
GET

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-rp9hr
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=21&uid=NGTdQ3cFIP02&ev=1&pid=561205
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=629d413f0dd75751; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-bmvbl
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=21&uid=BspzDj17LvZ1&ev=1&pid=561205
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=48e7372bb079d18b; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-wjlbl
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=OH30ljVOIAKw&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=8b6356b9018501cd; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-kc6cc
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=21&uid=X4mKnDPc87Ig&ev=1&pid=561205
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=42b9ac66e10c2cbf; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-g47ql
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=Ufy9yNPYe3PQ&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=464b58aa151d3db0; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-6s74h
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=ItdmU9063xnj&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=3ad18afb6608427a; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-m7nz4
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=21&uid=KviNMpP9O0fz&ev=1&pid=561205
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=6b455619cfa533d1; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-hqggp
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=L0Bf73rJbi5M&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=4211d75f44607a2f; path=/; HttpOnly; Secure; SameSite=None
DNS

122.55.17.81.in-addr.arpa

Remote address:

8.8.8.8:53

Request

122.55.17.81.in-addr.arpa

IN PTR

Response
DNS

122.55.17.81.in-addr.arpa

Remote address:

8.8.8.8:53

Request

122.55.17.81.in-addr.arpa

IN PTR

Response
DNS

ads.pubmatic.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ads.pubmatic.com

IN A

Response

ads.pubmatic.com

IN CNAME

pubmatic.edgekey.net

pubmatic.edgekey.net

IN CNAME

e6603.g.akamaiedge.net

e6603.g.akamaiedge.net

IN A

96.16.109.9
DNS

ads.pubmatic.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ads.pubmatic.com

IN A
DNS

ads.pubmatic.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ads.pubmatic.com

IN A
GET

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d60c189c-d45a-4e99-8049-15696e9ce271&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

msedge.exe

Remote address:

50.31.142.95:443

Request

GET /usersync/gumgum/?puid=e_d60c189c-d45a-4e99-8049-15696e9ce271&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Content-Length: 102
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Thu, 14 Mar 2024 21:02:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_08e2a7d8-e9ec-49e3-a0d9-bbc73f0a29f4&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

msedge.exe

Remote address:

50.31.142.95:443

Request

GET /usersync/gumgum/?puid=e_08e2a7d8-e9ec-49e3-a0d9-bbc73f0a29f4&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Content-Length: 102
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Thu, 14 Mar 2024 21:02:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_0b60f980-b2dd-40ef-b061-b53e0d41f79e&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

msedge.exe

Remote address:

50.31.142.95:443

Request

GET /usersync/gumgum/?puid=e_0b60f980-b2dd-40ef-b061-b53e0d41f79e&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Content-Length: 102
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Thu, 14 Mar 2024 21:02:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_00e8c282-3417-4f43-a7a4-9c1df91e75da&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

msedge.exe

Remote address:

50.31.142.95:443

Request

GET /usersync/gumgum/?puid=e_00e8c282-3417-4f43-a7a4-9c1df91e75da&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Content-Length: 102
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Thu, 14 Mar 2024 21:02:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:55 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-153
x-xss-protection: 0
set-cookie: HAPLB8G=s86153|ZfNmA; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:55 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-70
x-xss-protection: 0
set-cookie: HAPLB8G=s8570|ZfNmA; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

msedge.exe

Remote address:

81.17.55.122:443

Request

GET /api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP/2.0
host: ssbsync-global.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:02:55 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=82&uid=4738301019224125103
set-cookie: pid=4738301019224125103; expires=Mon, 14 Apr 2025 21:01:55 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

msedge.exe

Remote address:

81.17.55.122:443

Request

GET /api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP/2.0
host: ssbsync-global.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:02:55 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=82&uid=1801265269683367646
set-cookie: pid=1801265269683367646; expires=Mon, 14 Apr 2025 21:01:56 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

msedge.exe

Remote address:

81.17.55.122:443

Request

GET /api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP/2.0
host: ssbsync-global.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:02:57 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=82&uid=1126488962173087412
set-cookie: pid=1126488962173087412; expires=Mon, 14 Apr 2025 21:01:58 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

81.17.55.170:443

Request

GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP/2.0
host: ssbsync.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:02:54 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=9053718131989130816
set-cookie: pid=9053718131989130816; expires=Mon, 14 Apr 2025 21:01:55 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

81.17.55.170:443

Request

GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP/2.0
host: ssbsync.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:02:55 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=6457097766592687760
set-cookie: pid=6457097766592687760; expires=Mon, 14 Apr 2025 21:01:56 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

81.17.55.170:443

Request

GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP/2.0
host: ssbsync.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:02:57 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=4982400275696954953
set-cookie: pid=4982400275696954953; expires=Mon, 14 Apr 2025 21:01:57 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

81.17.55.170:443

Request

GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP/2.0
host: ssbsync.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:02:58 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=4310997695062453897
set-cookie: pid=4310997695062453897; expires=Mon, 14 Apr 2025 21:01:58 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

54.145.217.237:443

Request

GET /sync?nid=1&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:56 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCAzM2vBjABOgSG_qDnQgSWPmIK.lu27YdVTrPjw8yruu92nwZRjyqcq18V0MZB1%2FqF7%2Boo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCAzM2vBjABOgSG_qDnQgSWPmIK.lu27YdVTrPjw8yruu92nwZRjyqcq18V0MZB1%2FqF7%2Boo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
GET

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

54.145.217.237:443

Request

GET /sync?nid=1&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:56 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCAzM2vBjABOgSG_qDnQgSDigDp.%2BCNLaHFcXtugJkUAyn27Aji2iR2L2Bwx%2F9hKUiZZUh4; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCAzM2vBjABOgSG_qDnQgSDigDp.%2BCNLaHFcXtugJkUAyn27Aji2iR2L2Bwx%2F9hKUiZZUh4; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
GET

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

54.145.217.237:443

Request

GET /sync?nid=1&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:57 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCBzM2vBjABOgSG_qDnQgQXyGv7.J%2BAATFTFlw2ZZmyXRHKcZa82kV%2F8cZ%2F320%2FfBR%2Fo4lc; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCBzM2vBjABOgSG_qDnQgQXyGv7.J%2BAATFTFlw2ZZmyXRHKcZa82kV%2F8cZ%2F320%2FfBR%2Fo4lc; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
GET

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

54.145.217.237:443

Request

GET /sync?nid=1&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:58 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCCzM2vBjABOgSG_qDnQgSMivau.HXxoHFZfefqXOwQOLcOHwktzYpGL0f%2B1tr2Timlqf08; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCCzM2vBjABOgSG_qDnQgSMivau.HXxoHFZfefqXOwQOLcOHwktzYpGL0f%2B1tr2Timlqf08; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
GET

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

msedge.exe

Remote address:

52.71.44.145:443

Request

GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:56 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=1bb208a9-71cd-441e-b433-bd2a94f46887
Set-Cookie: cu=1bb208a9-71cd-441e-b433-bd2a94f46887|1710450176844; Path=/; Domain=ipredictive.com; Expires=Fri, 14 Mar 2025 21:02:56 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: e0d472cb-6d22-4017-ad99-222a5180564c
Content-Length: 108
Connection: keep-alive
GET

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

msedge.exe

Remote address:

52.71.44.145:443

Request

GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:56 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=d22982e6-1841-4d86-8590-f97f2deed684
Set-Cookie: cu=d22982e6-1841-4d86-8590-f97f2deed684|1710450176985; Path=/; Domain=ipredictive.com; Expires=Fri, 14 Mar 2025 21:02:56 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: f8b19e57-039f-4668-b0d1-1a052e55de67
Content-Length: 108
Connection: keep-alive
GET

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

msedge.exe

Remote address:

52.71.44.145:443

Request

GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:57 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=e7d38da1-fadb-449b-a2d6-e45d17d4228d
Set-Cookie: cu=e7d38da1-fadb-449b-a2d6-e45d17d4228d|1710450177395; Path=/; Domain=ipredictive.com; Expires=Fri, 14 Mar 2025 21:02:57 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: 9a41cf74-149d-47e9-b6ca-e45363e50433
Content-Length: 108
Connection: keep-alive
GET

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

msedge.exe

Remote address:

52.71.44.145:443

Request

GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:02:58 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=7a4e0d22-1f4f-48cc-9d70-898b7e03d9f1
Set-Cookie: cu=7a4e0d22-1f4f-48cc-9d70-898b7e03d9f1|1710450178755; Path=/; Domain=ipredictive.com; Expires=Fri, 14 Mar 2025 21:02:58 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: 74228450-4cfd-4baa-9ed8-ecd9b9e87bf8
Content-Length: 108
Connection: keep-alive
GET

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=zem&i=&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:56 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:56 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:57 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=vnt&i=d22982e6-1841-4d86-8590-f97f2deed684

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=vnt&i=d22982e6-1841-4d86-8590-f97f2deed684 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:57 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sus&i=ZfNmAcCo8YsAALcG.zcAAAAA

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sus&i=ZfNmAcCo8YsAALcG.zcAAAAA HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:57 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:57 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=vnt&i=e7d38da1-fadb-449b-a2d6-e45d17d4228d

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=vnt&i=e7d38da1-fadb-449b-a2d6-e45d17d4228d HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:57 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=zem&i=&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:57 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=opx&i=b7809852-e5d8-4d7d-890f-f7a17642baec&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=opx&i=b7809852-e5d8-4d7d-890f-f7a17642baec&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sad&i=4310997695062453897

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sad&i=4310997695062453897 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=vnt&i=7a4e0d22-1f4f-48cc-9d70-898b7e03d9f1

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=vnt&i=7a4e0d22-1f4f-48cc-9d70-898b7e03d9f1 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=opx&i=83bd776a-d624-446f-94ad-f3204e39e0d0&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=opx&i=83bd776a-d624-446f-94ad-f3204e39e0d0&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:02:56 GMT
server: b
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:02:55 GMT
server: b
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:02:56 GMT
server: b
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:02:57 GMT
server: b
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:03:22 GMT
server: b
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:03:25 GMT
server: b
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:03:25 GMT
server: b
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:03:28 GMT
server: b
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:03:31 GMT
server: b
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:03:54 GMT
server: b
GET

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

msedge.exe

Remote address:

169.197.150.8:443

Request

GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/2.0
host: match.deepintent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 0
date: Thu, 14 Mar 2024 21:03:57 GMT
server: b
GET

https://usersync.gumgum.com/usersync?b=apn&i=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=zem&i=&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=apn&i=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sus&i=ZfNmA8Co8YsAALcG..oAAAAA

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sus&i=ZfNmA8Co8YsAALcG..oAAAAA HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:02:59 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sad&i=6376218296843874213

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sad&i=6376218296843874213 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:24 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sus&i=ZfNmHcCo5sEAAFcQrhQAAAAA

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sus&i=ZfNmHcCo5sEAAFcQrhQAAAAA HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:25 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=apn&i=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:25 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:25 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=zem&i=&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:26 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=vnt&i=d2bf796b-9d2e-4fe1-acb0-8d80710624af

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=vnt&i=d2bf796b-9d2e-4fe1-acb0-8d80710624af HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:26 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=zem&i=&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:26 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=vnt&i=e4f8a2a7-8915-4836-92da-a15e92cb5e3f

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=vnt&i=e4f8a2a7-8915-4836-92da-a15e92cb5e3f HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:31 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=opx&i=a4b4a695-1822-4dd5-89ba-edd5aedfec05&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=opx&i=a4b4a695-1822-4dd5-89ba-edd5aedfec05&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:32 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=zem&i=&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:24 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=vnt&i=ca6d87e0-e4ea-4d7c-898d-fe74a7f8fc64

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=vnt&i=ca6d87e0-e4ea-4d7c-898d-fe74a7f8fc64 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:24 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=apn&i=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:25 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:25 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=apn&i=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:25 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:31 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:32 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sus&i=ZfNmJMCo5sEAAFcQsLEAAAAA

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sus&i=ZfNmJMCo5sEAAFcQsLEAAAAA HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:32 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:02:57 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-134
x-xss-protection: 0
set-cookie: HAPLB8G=s86134|ZfNmB; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://usersync.gumgum.com/usersync?b=sus&i=ZfNmG8Co5sEAAFcQrYAAAAAA

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sus&i=ZfNmG8Co5sEAAFcQrYAAAAAA HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:24 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:24 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=opx&i=07a440bb-02b8-4a8e-b5ca-3d0a91b668de&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=opx&i=07a440bb-02b8-4a8e-b5ca-3d0a91b668de&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:24 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=opx&i=f73ea143-ace6-4b70-8d9c-d1fca85da750&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=opx&i=f73ea143-ace6-4b70-8d9c-d1fca85da750&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:25 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=vnt&i=186ac31b-48ee-4396-bbc4-45d116fd0ecd

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=vnt&i=186ac31b-48ee-4396-bbc4-45d116fd0ecd HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:26 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sad&i=6568365070558539633

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=sad&i=6568365070558539633 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:26 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=zem&i=&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:31 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

52.210.15.1:443

Request

GET /usersync?b=zem&i=&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:32 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
DNS

48.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

48.229.111.52.in-addr.arpa

IN PTR

Response
DNS

48.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

48.229.111.52.in-addr.arpa

IN PTR

Response
DNS

eb2.3lift.com

msedge.exe

Remote address:

8.8.8.8:53

Request

eb2.3lift.com

IN A

Response

eb2.3lift.com

IN CNAME

eu-eb2.3lift.com

eu-eb2.3lift.com

IN A

13.248.245.213

eu-eb2.3lift.com

IN A

76.223.111.18
DNS

eb2.3lift.com

msedge.exe

Remote address:

8.8.8.8:53

Request

eb2.3lift.com

IN A

Response

eb2.3lift.com

IN CNAME

eu-eb2.3lift.com

eu-eb2.3lift.com

IN A

13.248.245.213

eu-eb2.3lift.com

IN A

76.223.111.18
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&bidid=321206534-19072067-24490-0&id=191beab17e050a2&uid=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
DNS

prebid-match.dotomi.com

msedge.exe

Remote address:

8.8.8.8:53

Request

prebid-match.dotomi.com

IN A

Response

prebid-match.dotomi.com

IN CNAME

bfp.global.dual.dotomi.weighted.com.akadns.net

bfp.global.dual.dotomi.weighted.com.akadns.net

IN A

63.215.202.172
DNS

prebid-match.dotomi.com

msedge.exe

Remote address:

8.8.8.8:53

Request

prebid-match.dotomi.com

IN A
DNS

rtb.openx.net

msedge.exe

Remote address:

8.8.8.8:53

Request

rtb.openx.net

IN A

Response

rtb.openx.net

IN A

35.186.253.211

rtb.openx.net

IN A

35.227.252.103
DNS

rtb.openx.net

msedge.exe

Remote address:

8.8.8.8:53

Request

rtb.openx.net

IN A

Response

rtb.openx.net

IN A

35.186.253.211

rtb.openx.net

IN A

35.227.252.103
DNS

ap.lijit.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ap.lijit.com

IN A

Response

ap.lijit.com

IN CNAME

vap.lijit.com

vap.lijit.com

IN CNAME

emeas.vap.lijit.com

emeas.vap.lijit.com

IN CNAME

eu.vap.lijit.com

eu.vap.lijit.com

IN CNAME

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

34.241.235.21

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

54.76.67.130

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

54.171.115.220

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

52.51.133.117

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

52.49.50.56

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

34.249.26.20

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

52.17.188.161

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

54.76.233.138
DNS

ap.lijit.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ap.lijit.com

IN A

Response

ap.lijit.com

IN CNAME

vap.lijit.com

vap.lijit.com

IN CNAME

emeas.vap.lijit.com

emeas.vap.lijit.com

IN CNAME

eu.vap.lijit.com

eu.vap.lijit.com

IN CNAME

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

52.30.255.45

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

52.17.165.98

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

52.19.161.39

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

52.19.77.215

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

99.80.209.81

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

54.246.138.33

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

54.76.67.130

blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com

IN A

54.247.62.209
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:22 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-29
x-xss-protection: 0
set-cookie: HAPLB8G=s8629|ZfNmH; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:22 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-18
x-xss-protection: 0
set-cookie: HAPLB8G=s8618|ZfNmH; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:23 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-154
x-xss-protection: 0
set-cookie: HAPLB8G=s86154|ZfNmH; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:23 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-166
x-xss-protection: 0
set-cookie: HAPLB8G=s85166|ZfNmH; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:24 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-11
x-xss-protection: 0
set-cookie: HAPLB8G=s8511|ZfNmH; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:24 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-47
x-xss-protection: 0
set-cookie: HAPLB8G=s8547|ZfNmH; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
DNS

ups.analytics.yahoo.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ups.analytics.yahoo.com

IN A

Response

ups.analytics.yahoo.com

IN CNAME

prod.ups-ats.aolp-ds-prd.aws.oath.cloud

prod.ups-ats.aolp-ds-prd.aws.oath.cloud

IN CNAME

prod.ups-ats.eu-central-1.aolp-ds-prd.aws.oath.cloud

prod.ups-ats.eu-central-1.aolp-ds-prd.aws.oath.cloud

IN CNAME

ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud

ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud

IN A

3.71.149.231

ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud

IN A

3.75.62.37
DNS

ups.analytics.yahoo.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ups.analytics.yahoo.com

IN A

Response

ups.analytics.yahoo.com

IN CNAME

prod.ups-ats.aolp-ds-prd.aws.oath.cloud

prod.ups-ats.aolp-ds-prd.aws.oath.cloud

IN CNAME

prod.ups-ats.eu-central-1.aolp-ds-prd.aws.oath.cloud

prod.ups-ats.eu-central-1.aolp-ds-prd.aws.oath.cloud

IN CNAME

ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud

ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud

IN A

3.75.62.37

ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud

IN A

3.71.149.231
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP018
date: Thu, 14 Mar 2024 21:03:22 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP011
date: Thu, 14 Mar 2024 21:03:22 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP007
date: Thu, 14 Mar 2024 21:03:22 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP015
date: Thu, 14 Mar 2024 21:03:22 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP020
date: Thu, 14 Mar 2024 21:03:23 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP015
date: Thu, 14 Mar 2024 21:03:24 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP015
date: Thu, 14 Mar 2024 21:03:26 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP003
date: Thu, 14 Mar 2024 21:03:27 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP009
date: Thu, 14 Mar 2024 21:03:29 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP016
date: Thu, 14 Mar 2024 21:03:31 GMT
DNS

match.sharethrough.com

msedge.exe

Remote address:

8.8.8.8:53

Request

match.sharethrough.com

IN A

Response

match.sharethrough.com

IN CNAME

match-eu-central-1-ecs.sharethrough.com

match-eu-central-1-ecs.sharethrough.com

IN A

18.197.241.118

match-eu-central-1-ecs.sharethrough.com

IN A

18.153.34.228

match-eu-central-1-ecs.sharethrough.com

IN A

52.29.151.147

match-eu-central-1-ecs.sharethrough.com

IN A

18.158.75.183

match-eu-central-1-ecs.sharethrough.com

IN A

52.59.69.244

match-eu-central-1-ecs.sharethrough.com

IN A

3.122.73.140

match-eu-central-1-ecs.sharethrough.com

IN A

3.122.11.77

match-eu-central-1-ecs.sharethrough.com

IN A

52.28.186.109
DNS

match.sharethrough.com

msedge.exe

Remote address:

8.8.8.8:53

Request

match.sharethrough.com

IN A
DNS

rtb.gumgum.com

msedge.exe

Remote address:

8.8.8.8:53

Request

rtb.gumgum.com

IN A

Response

rtb.gumgum.com

IN A

52.208.188.224

rtb.gumgum.com

IN A

54.220.54.244

rtb.gumgum.com

IN A

52.213.137.156

rtb.gumgum.com

IN A

52.19.81.220

rtb.gumgum.com

IN A

52.211.35.42

rtb.gumgum.com

IN A

79.125.101.2

rtb.gumgum.com

IN A

52.51.111.200

rtb.gumgum.com

IN A

52.215.125.147
DNS

rtb.gumgum.com

msedge.exe

Remote address:

8.8.8.8:53

Request

rtb.gumgum.com

IN A
GET

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-wjlbl
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=21&uid=5aOpSNAIgcRj&ev=1&pid=561205
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=8b6356b9018501cd; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-wjlbl
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=izXJ73XKSLvs&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=8b6356b9018501cd; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-rp9hr
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=21&uid=5AM4w3blfYyC&ev=1&pid=561205
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=629d413f0dd75751; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-w7vtd
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=21&uid=mLolX2k0fyQc&ev=1&pid=561205
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=c2d2e3358e193120; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-hqggp
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=SjniNnKYwa1T&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=4211d75f44607a2f; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-gwzkc
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=ihacTQoybGWj&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=9cb7050d841abbc6; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-wcs9h
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=tZfjeiZg8Uf2&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=969e8841b05c78f7; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-kbzds
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=21&uid=RwRjVmxYm6We&ev=1&pid=561205
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=d6b42e6012428fd7; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-6fszf
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=21&uid=xDl3FFASWczu&ev=1&pid=561205
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=04d3b19c713cd0c4; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-hqggp
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=EWTUH4iT49ui&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=4211d75f44607a2f; path=/; HttpOnly; Secure; SameSite=None
DNS

sync.mathtag.com

msedge.exe

Remote address:

8.8.8.8:53

Request

sync.mathtag.com

IN A

Response

sync.mathtag.com

IN CNAME

pixel-origin.mathtag.com

pixel-origin.mathtag.com

IN A

216.200.232.253

pixel-origin.mathtag.com

IN A

216.200.232.249

pixel-origin.mathtag.com

IN A

74.121.140.211
DNS

sync.mathtag.com

msedge.exe

Remote address:

8.8.8.8:53

Request

sync.mathtag.com

IN A

Response

sync.mathtag.com

IN CNAME

pixel-origin.mathtag.com

pixel-origin.mathtag.com

IN A

216.200.232.249

pixel-origin.mathtag.com

IN A

74.121.140.211

pixel-origin.mathtag.com

IN A

216.200.232.253
DNS

hbx.media.net

msedge.exe

Remote address:

8.8.8.8:53

Request

hbx.media.net

IN A

Response

hbx.media.net

IN A

23.44.232.24
DNS

hbx.media.net

msedge.exe

Remote address:

8.8.8.8:53

Request

hbx.media.net

IN A

Response

hbx.media.net

IN A

23.44.232.24
DNS

tg.socdm.com

msedge.exe

Remote address:

8.8.8.8:53

Request

tg.socdm.com

IN A

Response

tg.socdm.com

IN CNAME

tg.dr.socdm.com

tg.dr.socdm.com

IN A

211.120.53.204

tg.dr.socdm.com

IN A

124.146.153.164

tg.dr.socdm.com

IN A

211.120.53.202

tg.dr.socdm.com

IN A

124.146.153.163

tg.dr.socdm.com

IN A

211.120.53.205

tg.dr.socdm.com

IN A

124.146.153.169

tg.dr.socdm.com

IN A

124.146.153.167

tg.dr.socdm.com

IN A

124.146.153.165

tg.dr.socdm.com

IN A

211.120.53.201

tg.dr.socdm.com

IN A

124.146.153.166

tg.dr.socdm.com

IN A

124.146.153.168

tg.dr.socdm.com

IN A

124.146.153.160

tg.dr.socdm.com

IN A

211.120.53.203

tg.dr.socdm.com

IN A

211.120.53.200

tg.dr.socdm.com

IN A

211.120.53.206

tg.dr.socdm.com

IN A

124.146.153.162

tg.dr.socdm.com

IN A

124.146.153.161

tg.dr.socdm.com

IN A

124.146.153.170
DNS

tg.socdm.com

msedge.exe

Remote address:

8.8.8.8:53

Request

tg.socdm.com

IN A

Response

tg.socdm.com

IN CNAME

tg.dr.socdm.com

tg.dr.socdm.com

IN A

211.120.53.202

tg.dr.socdm.com

IN A

124.146.153.162

tg.dr.socdm.com

IN A

124.146.153.164

tg.dr.socdm.com

IN A

124.146.153.169

tg.dr.socdm.com

IN A

211.120.53.201

tg.dr.socdm.com

IN A

124.146.153.170

tg.dr.socdm.com

IN A

211.120.53.204

tg.dr.socdm.com

IN A

124.146.153.167

tg.dr.socdm.com

IN A

211.120.53.206

tg.dr.socdm.com

IN A

124.146.153.160

tg.dr.socdm.com

IN A

211.120.53.200

tg.dr.socdm.com

IN A

124.146.153.161

tg.dr.socdm.com

IN A

124.146.153.165

tg.dr.socdm.com

IN A

211.120.53.205

tg.dr.socdm.com

IN A

124.146.153.163

tg.dr.socdm.com

IN A

211.120.53.203

tg.dr.socdm.com

IN A

124.146.153.166

tg.dr.socdm.com

IN A

124.146.153.168
GET

https://tg.socdm.com/aux/idsync?proto=gumgum

msedge.exe

Remote address:

211.120.53.204:443

Request

GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Thu, 14 Mar 2024 21:03:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZfNmG8Co5sEAAFcQrYAAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: m-ad1017.dc4p.scaleout.jp
X-SO-LB-Hostname: a-tgng40003.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZfNmG8Co5sEAAFcQrYAAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad1017"}
X-SO-Key: ZfNmG8Co5sEAAFcQrYAAAAAA
X-SO-IP: 89.149.23.59
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: m-ad1017
GET

https://tg.socdm.com/aux/idsync?proto=gumgum

msedge.exe

Remote address:

211.120.53.204:443

Request

GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Thu, 14 Mar 2024 21:03:25 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZfNmHcCo5sEAAFcQrhQAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: a-ad40145.dc2p.scaleout.jp
X-SO-LB-Hostname: a-tgng40003.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZfNmHcCo5sEAAFcQrhQAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40145"}
X-SO-Key: ZfNmHcCo5sEAAFcQrhQAAAAA
X-SO-IP: 89.149.23.59
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: a-ad40145
GET

https://tg.socdm.com/aux/idsync?proto=gumgum

msedge.exe

Remote address:

211.120.53.204:443

Request

GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Thu, 14 Mar 2024 21:03:25 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZfNmHcCo5sEAAFcQrjIAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: a-ad40085.dc2p.scaleout.jp
X-SO-LB-Hostname: a-tgng40003.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZfNmHcCo5sEAAFcQrjIAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40085"}
X-SO-Key: ZfNmHcCo5sEAAFcQrjIAAAAA
X-SO-IP: 89.149.23.59
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: a-ad40085
GET

https://tg.socdm.com/aux/idsync?proto=gumgum

msedge.exe

Remote address:

211.120.53.204:443

Request

GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Thu, 14 Mar 2024 21:03:29 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZfNmIcCo5sEAAFcQr6IAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 3
X-SO-HostName: m-ad167.dc4p.scaleout.jp
X-SO-LB-Hostname: a-tgng40003.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZfNmIcCo5sEAAFcQr6IAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad167"}
X-SO-Key: ZfNmIcCo5sEAAFcQr6IAAAAA
X-SO-IP: 89.149.23.59
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: m-ad167
GET

https://tg.socdm.com/aux/idsync?proto=gumgum

msedge.exe

Remote address:

211.120.53.204:443

Request

GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Thu, 14 Mar 2024 21:03:32 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZfNmJMCo5sEAAFcQsLEAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: a-ad40264.dc2p.scaleout.jp
X-SO-LB-Hostname: a-tgng40003.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZfNmJMCo5sEAAFcQsLEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40264"}
X-SO-Key: ZfNmJMCo5sEAAFcQsLEAAAAA
X-SO-IP: 89.149.23.59
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: a-ad40264
DNS

secure-assets.rubiconproject.com

msedge.exe

Remote address:

8.8.8.8:53

Request

secure-assets.rubiconproject.com

IN A

Response

secure-assets.rubiconproject.com

IN CNAME

digicertwc.rubiconproject.com.edgekey.net

digicertwc.rubiconproject.com.edgekey.net

IN CNAME

e8960.e2.akamaiedge.net

e8960.e2.akamaiedge.net

IN A

23.215.239.190
DNS

secure-assets.rubiconproject.com

msedge.exe

Remote address:

8.8.8.8:53

Request

secure-assets.rubiconproject.com

IN A

Response

secure-assets.rubiconproject.com

IN CNAME

digicertwc.rubiconproject.com.edgekey.net

digicertwc.rubiconproject.com.edgekey.net

IN CNAME

e8960.e2.akamaiedge.net

e8960.e2.akamaiedge.net

IN A

23.215.239.190
DNS

secure.adnxs.com

msedge.exe

Remote address:

8.8.8.8:53

Request

secure.adnxs.com

IN A

Response

secure.adnxs.com

IN CNAME

g.geo.appnexusgslb.net

g.geo.appnexusgslb.net

IN CNAME

ib.anycast.adnxs.com

ib.anycast.adnxs.com

IN A

37.252.171.149

ib.anycast.adnxs.com

IN A

37.252.171.53

ib.anycast.adnxs.com

IN A

37.252.172.123

ib.anycast.adnxs.com

IN A

37.252.171.85

ib.anycast.adnxs.com

IN A

37.252.171.52

ib.anycast.adnxs.com

IN A

37.252.173.215

ib.anycast.adnxs.com

IN A

37.252.171.21
DNS

sync.srv.stackadapt.com

msedge.exe

Remote address:

8.8.8.8:53

Request

sync.srv.stackadapt.com

IN A

Response

sync.srv.stackadapt.com

IN A

54.166.93.240

sync.srv.stackadapt.com

IN A

54.175.28.36

sync.srv.stackadapt.com

IN A

54.160.228.160

sync.srv.stackadapt.com

IN A

54.174.97.40

sync.srv.stackadapt.com

IN A

54.144.120.173

sync.srv.stackadapt.com

IN A

52.73.237.27

sync.srv.stackadapt.com

IN A

54.156.231.188

sync.srv.stackadapt.com

IN A

54.162.77.126
DNS

sync.srv.stackadapt.com

msedge.exe

Remote address:

8.8.8.8:53

Request

sync.srv.stackadapt.com

IN A

Response

sync.srv.stackadapt.com

IN A

54.166.93.240

sync.srv.stackadapt.com

IN A

54.175.28.36

sync.srv.stackadapt.com

IN A

54.160.228.160

sync.srv.stackadapt.com

IN A

54.174.97.40

sync.srv.stackadapt.com

IN A

54.144.120.173

sync.srv.stackadapt.com

IN A

52.73.237.27

sync.srv.stackadapt.com

IN A

54.156.231.188

sync.srv.stackadapt.com

IN A

54.162.77.126
DNS

sync.ipredictive.com

msedge.exe

Remote address:

8.8.8.8:53

Request

sync.ipredictive.com

IN A

Response

sync.ipredictive.com

IN A

52.71.44.145

sync.ipredictive.com

IN A

52.87.49.60

sync.ipredictive.com

IN A

54.144.94.27

sync.ipredictive.com

IN A

52.70.187.13

sync.ipredictive.com

IN A

52.44.255.182

sync.ipredictive.com

IN A

54.166.159.113

sync.ipredictive.com

IN A

54.158.243.155

sync.ipredictive.com

IN A

54.159.66.10
DNS

sync.ipredictive.com

msedge.exe

Remote address:

8.8.8.8:53

Request

sync.ipredictive.com

IN A

Response

sync.ipredictive.com

IN A

54.144.94.27

sync.ipredictive.com

IN A

54.166.159.113

sync.ipredictive.com

IN A

54.158.243.155

sync.ipredictive.com

IN A

52.44.255.182

sync.ipredictive.com

IN A

52.70.187.13

sync.ipredictive.com

IN A

52.44.19.224

sync.ipredictive.com

IN A

54.159.66.10

sync.ipredictive.com

IN A

54.158.64.147
DNS

b1sync.zemanta.com

msedge.exe

Remote address:

8.8.8.8:53

Request

b1sync.zemanta.com

IN A

Response

b1sync.zemanta.com

IN CNAME

b1-use1.zemanta.com

b1-use1.zemanta.com

IN CNAME

zemanta-nychi2.outbrain.org

zemanta-nychi2.outbrain.org

IN CNAME

chidc2.outbrain.org

chidc2.outbrain.org

IN A

64.74.236.95
DNS

b1sync.zemanta.com

msedge.exe

Remote address:

8.8.8.8:53

Request

b1sync.zemanta.com

IN A

Response

b1sync.zemanta.com

IN CNAME

b1-use1.zemanta.com

b1-use1.zemanta.com

IN CNAME

zemanta-nychi2.outbrain.org

zemanta-nychi2.outbrain.org

IN CNAME

nydc1.outbrain.org

nydc1.outbrain.org

IN A

64.202.112.159
DNS

ssbsync.smartadserver.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ssbsync.smartadserver.com

IN A

Response

ssbsync.smartadserver.com

IN CNAME

ssbsync-geo.smartadserver.com

ssbsync-geo.smartadserver.com

IN CNAME

usersync-geo-global.usersync-prod-sas.akadns.net

usersync-geo-global.usersync-prod-sas.akadns.net

IN CNAME

ssbsync-euw1.smartadserver.com

ssbsync-euw1.smartadserver.com

IN A

81.17.55.109

ssbsync-euw1.smartadserver.com

IN A

89.149.192.244

ssbsync-euw1.smartadserver.com

IN A

89.149.192.196

ssbsync-euw1.smartadserver.com

IN A

89.149.192.76

ssbsync-euw1.smartadserver.com

IN A

81.17.55.122

ssbsync-euw1.smartadserver.com

IN A

89.149.192.245

ssbsync-euw1.smartadserver.com

IN A

89.149.192.197

ssbsync-euw1.smartadserver.com

IN A

81.17.55.170

ssbsync-euw1.smartadserver.com

IN A

81.17.55.171

ssbsync-euw1.smartadserver.com

IN A

81.17.55.108

ssbsync-euw1.smartadserver.com

IN A

89.149.192.75

ssbsync-euw1.smartadserver.com

IN A

81.17.55.123
DNS

ssbsync.smartadserver.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ssbsync.smartadserver.com

IN A

Response

ssbsync.smartadserver.com

IN CNAME

ssbsync-geo.smartadserver.com

ssbsync-geo.smartadserver.com

IN CNAME

usersync-geo-global.usersync-prod-sas.akadns.net

usersync-geo-global.usersync-prod-sas.akadns.net

IN CNAME

ssbsync-euw1.smartadserver.com

ssbsync-euw1.smartadserver.com

IN A

81.17.55.109

ssbsync-euw1.smartadserver.com

IN A

89.149.192.244

ssbsync-euw1.smartadserver.com

IN A

89.149.192.196

ssbsync-euw1.smartadserver.com

IN A

89.149.192.76

ssbsync-euw1.smartadserver.com

IN A

81.17.55.122

ssbsync-euw1.smartadserver.com

IN A

89.149.192.245

ssbsync-euw1.smartadserver.com

IN A

89.149.192.197

ssbsync-euw1.smartadserver.com

IN A

81.17.55.170

ssbsync-euw1.smartadserver.com

IN A

81.17.55.171

ssbsync-euw1.smartadserver.com

IN A

81.17.55.108

ssbsync-euw1.smartadserver.com

IN A

89.149.192.75

ssbsync-euw1.smartadserver.com

IN A

81.17.55.123
GET

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

54.166.93.240:443

Request

GET /sync?nid=1&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:03:23 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCbzM2vBjABOgSG_qDnQgSXfhN5.1n%2FZEj59Ls1fjCim%2F14t3z3pGEz5CMrkYHSTeDMX3To; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCbzM2vBjABOgSG_qDnQgSXfhN5.1n%2FZEj59Ls1fjCim%2F14t3z3pGEz5CMrkYHSTeDMX3To; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
GET

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

54.166.93.240:443

Request

GET /sync?nid=1&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:03:25 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCdzM2vBjABOgSG_qDnQgQzkzI2.oSwcgnPvzc%2BMT0gyg9NzG0e%2B3fs%2Fx18aiSBeKN1IFew; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCdzM2vBjABOgSG_qDnQgQzkzI2.oSwcgnPvzc%2BMT0gyg9NzG0e%2B3fs%2Fx18aiSBeKN1IFew; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
GET

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

54.166.93.240:443

Request

GET /sync?nid=1&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:03:25 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCdzM2vBjABOgSG_qDnQgTlbJGa.m%2BAQ%2F6PT6aSkYizAuTVo75MgVcY8vSH0MpbG%2FqbYf0c; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCdzM2vBjABOgSG_qDnQgTlbJGa.m%2BAQ%2F6PT6aSkYizAuTVo75MgVcY8vSH0MpbG%2FqbYf0c; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
GET

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

54.166.93.240:443

Request

GET /sync?nid=1&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:03:29 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCChzM2vBjABOgSG_qDnQgS6jIpx.kH%2FLiFsb85QKduasJr5W7E%2Fal71ZRek4hONtYjjoOHc; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCChzM2vBjABOgSG_qDnQgS6jIpx.kH%2FLiFsb85QKduasJr5W7E%2Fal71ZRek4hONtYjjoOHc; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
GET

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

54.166.93.240:443

Request

GET /sync?nid=1&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:03:32 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCkzM2vBjABOgSG_qDnQgRFSIWy.yGVVG2QbBcu4v7Y3wYHf%2Bf0j7pUCQHo59BMZ2Hu4Hb0; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCCkzM2vBjABOgSG_qDnQgRFSIWy.yGVVG2QbBcu4v7Y3wYHf%2Bf0j7pUCQHo59BMZ2Hu4Hb0; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
DNS

eus.rubiconproject.com

msedge.exe

Remote address:

8.8.8.8:53

Request

eus.rubiconproject.com

IN A

Response

eus.rubiconproject.com

IN CNAME

eus.rubiconproject.com.edgekey.net

eus.rubiconproject.com.edgekey.net

IN CNAME

e8960.b.akamaiedge.net

e8960.b.akamaiedge.net

IN A

2.17.5.216
DNS

eus.rubiconproject.com

msedge.exe

Remote address:

8.8.8.8:53

Request

eus.rubiconproject.com

IN A
GET

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_2fbce7b6-2b74-4d62-a9b7-729791e5b5db&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

msedge.exe

Remote address:

64.74.236.95:443

Request

GET /usersync/gumgum/?puid=e_2fbce7b6-2b74-4d62-a9b7-729791e5b5db&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Content-Length: 102
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Thu, 14 Mar 2024 21:03:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a631c396-5fc4-4378-9bc9-b31449734366&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

msedge.exe

Remote address:

64.74.236.95:443

Request

GET /usersync/gumgum/?puid=e_a631c396-5fc4-4378-9bc9-b31449734366&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Content-Length: 102
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Thu, 14 Mar 2024 21:03:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

81.17.55.109:443

Request

GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: ssbsync.smartadserver.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Thu, 14 Mar 2024 21:03:22 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=6376218296843874213
set-cookie: pid=6376218296843874213; expires=Mon, 14 Apr 2025 21:02:23 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

81.17.55.109:443

Request

GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: ssbsync.smartadserver.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Thu, 14 Mar 2024 21:03:25 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=6822015247670947740
set-cookie: pid=6822015247670947740; expires=Mon, 14 Apr 2025 21:02:25 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

81.17.55.109:443

Request

GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: ssbsync.smartadserver.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Thu, 14 Mar 2024 21:03:26 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=6568365070558539633
set-cookie: pid=6568365070558539633; expires=Mon, 14 Apr 2025 21:02:26 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

81.17.55.109:443

Request

GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: ssbsync.smartadserver.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Thu, 14 Mar 2024 21:03:28 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=4408395789420310522
set-cookie: pid=4408395789420310522; expires=Mon, 14 Apr 2025 21:02:29 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

81.17.55.109:443

Request

GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: ssbsync.smartadserver.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Thu, 14 Mar 2024 21:03:31 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=8431864793752252163
set-cookie: pid=8431864793752252163; expires=Mon, 14 Apr 2025 21:02:32 GMT; domain=smartadserver.com; path=/; secure; samesite=none
DNS

109.55.17.81.in-addr.arpa

Remote address:

8.8.8.8:53

Request

109.55.17.81.in-addr.arpa

IN PTR

Response
DNS

109.55.17.81.in-addr.arpa

Remote address:

8.8.8.8:53

Request

109.55.17.81.in-addr.arpa

IN PTR
DNS

149.171.252.37.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.171.252.37.in-addr.arpa

IN PTR

Response

149.171.252.37.in-addr.arpa

IN PTR

984bm-nginx-loadbalancermgmtfra1adnexusnet
GET

https://tg.socdm.com/aux/idsync?proto=gumgum

msedge.exe

Remote address:

211.120.53.204:443

Request

GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Thu, 14 Mar 2024 21:03:55 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZfNmO8Co5sMAAJYh6woAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: a-ad40179.dc2p.scaleout.jp
X-SO-LB-Hostname: a-tgng40005.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZfNmO8Co5sMAAJYh6woAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40179"}
X-SO-Key: ZfNmO8Co5sMAAJYh6woAAAAA
X-SO-IP: 89.149.23.59
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: a-ad40179
GET

https://tg.socdm.com/aux/idsync?proto=gumgum

msedge.exe

Remote address:

211.120.53.204:443

Request

GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: nginx
Date: Thu, 14 Mar 2024 21:03:58 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZfNmPsCo5sMAAJYh6ysAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 1
X-SO-HostName: m-ad360.dc4p.scaleout.jp
X-SO-LB-Hostname: a-tgng40005.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZfNmPsCo5sMAAJYh6ysAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad360"}
X-SO-Key: ZfNmPsCo5sMAAJYh6ysAAAAA
X-SO-IP: 89.149.23.59
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: m-ad360
GET

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

msedge.exe

Remote address:

52.71.44.145:443

Request

GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:03:23 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=ca6d87e0-e4ea-4d7c-898d-fe74a7f8fc64
Set-Cookie: cu=ca6d87e0-e4ea-4d7c-898d-fe74a7f8fc64|1710450203810; Path=/; Domain=ipredictive.com; Expires=Fri, 14 Mar 2025 21:03:23 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: 56e9270c-f541-4acc-b5bf-1de7f8248f2a
Content-Length: 108
Connection: keep-alive
GET

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

msedge.exe

Remote address:

52.71.44.145:443

Request

GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:03:26 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=186ac31b-48ee-4396-bbc4-45d116fd0ecd
Set-Cookie: cu=186ac31b-48ee-4396-bbc4-45d116fd0ecd|1710450206221; Path=/; Domain=ipredictive.com; Expires=Fri, 14 Mar 2025 21:03:26 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: cf2194b1-d874-4bf9-93df-ee99765d0832
Content-Length: 108
Connection: keep-alive
GET

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

msedge.exe

Remote address:

52.71.44.145:443

Request

GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:03:26 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=d2bf796b-9d2e-4fe1-acb0-8d80710624af
Set-Cookie: cu=d2bf796b-9d2e-4fe1-acb0-8d80710624af|1710450206351; Path=/; Domain=ipredictive.com; Expires=Fri, 14 Mar 2025 21:03:26 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: 2c508215-b658-45dd-b9d0-2f4af3facac6
Content-Length: 108
Connection: keep-alive
GET

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

msedge.exe

Remote address:

52.71.44.145:443

Request

GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:03:29 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=e4f8a2a7-8915-4836-92da-a15e92cb5e3f
Set-Cookie: cu=e4f8a2a7-8915-4836-92da-a15e92cb5e3f|1710450209216; Path=/; Domain=ipredictive.com; Expires=Fri, 14 Mar 2025 21:03:29 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: eddcb6aa-34e1-45ce-9c19-f700a78371b7
Content-Length: 108
Connection: keep-alive
GET

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

msedge.exe

Remote address:

52.71.44.145:443

Request

GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:03:32 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=cb278e13-91dc-4b26-92f1-69cb0333291c
Set-Cookie: cu=cb278e13-91dc-4b26-92f1-69cb0333291c|1710450212089; Path=/; Domain=ipredictive.com; Expires=Fri, 14 Mar 2025 21:03:32 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: 76cbb318-5896-4f31-96f1-3c06715c1256
Content-Length: 108
Connection: keep-alive
GET

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

msedge.exe

Remote address:

37.252.171.149:443

Request

GET /getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:03:23 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
an-x-request-uuid: bc57d554-b13f-4a5a-94f0-177719ef7201
set-cookie: XANDR_PANID=4FS0cCTBHSv2jftC--acS0EpbTnYzfOh6V0fhy_H4YCDryNaMQeHasxRCzT7_tbLrTO1KvTwoBkIGZDYvmRPqwr0mzSgkXQfkfMJf_OGkaA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:03:23 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:03:23 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=4498513392826603085; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:03:23 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 89.149.23.59; 89.149.23.59; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

msedge.exe

Remote address:

37.252.171.149:443

Request

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:03:24 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://usersync.gumgum.com/usersync?b=apn&i=0
an-x-request-uuid: 1b0a6950-9f02-4e57-a1d5-f151cebf8c37
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:03:24 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

msedge.exe

Remote address:

37.252.171.149:443

Request

GET /getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:03:25 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
an-x-request-uuid: 2942550a-2939-44ba-ba48-8b0f7d929fb6
set-cookie: XANDR_PANID=6kHc6O8DfzPzc72uiGyo0t82WRWlazNZhYZ7IOGGC6VGBW6AAtX8mrZagru3Htby9ZwrsoDO4vz4lGY05LFWBdpBKCaR9iDPm6KlaZHx2GA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:03:25 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:03:25 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=8008309721505739492; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:03:25 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 89.149.23.59; 89.149.23.59; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

msedge.exe

Remote address:

37.252.171.149:443

Request

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:03:25 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
an-x-request-uuid: 7cb55cfa-d4aa-45f0-b0f6-36e31337cc11
set-cookie: XANDR_PANID=z6XrkxIDgbwNsIcegOHnH16XJGAZFXUblNdbv0Ey92u3wLDNeRaO_waarYcZrOhH_WLhjGH56wD1cUWb8AScq0Qeuhj8DMvDetDj18HA5fM.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:03:25 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:03:25 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=8001622559496382805; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:03:25 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 89.149.23.59; 89.149.23.59; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

msedge.exe

Remote address:

37.252.171.149:443

Request

GET /getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:03:25 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://usersync.gumgum.com/usersync?b=apn&i=0
an-x-request-uuid: 3959f21e-8fe5-4e56-8412-9aedb8aa16d1
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:03:25 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

msedge.exe

Remote address:

37.252.171.149:443

Request

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:03:25 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://usersync.gumgum.com/usersync?b=apn&i=0
an-x-request-uuid: c8c6cdfc-6974-4b02-93c3-9acc5b72d950
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:03:25 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

msedge.exe

Remote address:

37.252.171.149:443

Request

GET /getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:03:29 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
an-x-request-uuid: fb113490-c677-4d2d-a040-e797c669a58c
set-cookie: XANDR_PANID=GGi3v_lngF2LSxlK-Pwc_AcIJl8cwIx2XzbQJo0XWOtEQYC-N_K2KP-5DIVf_IW2odLzDOwNSKiKSuLvBIAxwBr-oDBKIByGhnbmOSxEqJc.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:03:29 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:03:29 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=2404099193709013351; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:03:29 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 89.149.23.59; 89.149.23.59; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

msedge.exe

Remote address:

37.252.171.149:443

Request

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:03:31 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://usersync.gumgum.com/usersync?b=apn&i=0
an-x-request-uuid: 10e26a79-db89-4c2d-aa78-43145b99d125
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:03:31 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

msedge.exe

Remote address:

37.252.171.149:443

Request

GET /getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:03:32 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
an-x-request-uuid: fe6b714e-8087-4f5e-8554-18cc9ee76155
set-cookie: XANDR_PANID=Vm5EmXQjxtGiLtSw9DyG4gbC2jbmJohQO3LaLJrOQrg2yEOX4dhTEJsdsePXtIpm5Sq4gQJFKcLHz2qX9RtykWtjEtsVmCEPeof92Jklmcg.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:03:32 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:03:32 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=2131741646967231158; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:03:32 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 89.149.23.59; 89.149.23.59; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

msedge.exe

Remote address:

37.252.171.149:443

Request

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:03:32 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://usersync.gumgum.com/usersync?b=apn&i=0
an-x-request-uuid: 1a907f68-d02b-45ba-9f46-b0b0650a7f0b
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:03:32 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
GET

https://usersync.gumgum.com/usersync?b=apn&i=0

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:31 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sad&i=8431864793752252163

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=sad&i=8431864793752252163 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:32 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=apn&i=0

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:37 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=opx&i=7b5d8a99-c504-47c6-94f3-b26b296267bb&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=opx&i=7b5d8a99-c504-47c6-94f3-b26b296267bb&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:31 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=vnt&i=cb278e13-91dc-4b26-92f1-69cb0333291c

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=vnt&i=cb278e13-91dc-4b26-92f1-69cb0333291c HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:32 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sus&i=ZfNmHcCo5sEAAFcQrjIAAAAA

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=sus&i=ZfNmHcCo5sEAAFcQrjIAAAAA HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:25 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sad&i=6822015247670947740

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=sad&i=6822015247670947740 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:25 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=opx&i=9c44422c-1b7a-4311-a07b-f6946153f683&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=opx&i=9c44422c-1b7a-4311-a07b-f6946153f683&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:26 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sus&i=ZfNmIcCo5sEAAFcQr6IAAAAA

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=sus&i=ZfNmIcCo5sEAAFcQr6IAAAAA HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:29 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sad&i=4408395789420310522

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=sad&i=4408395789420310522 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:31 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP/2.0
host: sync.1rx.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:24 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-c01c91df-448e-456a-9a95-595981162cb4-003%22%2C%22zdxidn%22%3A%222064%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D%22%7D; path=/; expires=Fri, 14 Mar 2025 21:03:24 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450204355
etag: RXc01c91df448e456a9a95595981162cb4003
GET

https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450204355

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450204355 HTTP/2.0
host: sync.1rx.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:24 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=22&uid=OPTOUT
etag: OPTOUT
DNS

240.93.166.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.93.166.54.in-addr.arpa

IN PTR

Response

240.93.166.54.in-addr.arpa

IN PTR

ec2-54-166-93-240 compute-1 amazonawscom
DNS

204.53.120.211.in-addr.arpa

Remote address:

8.8.8.8:53

Request

204.53.120.211.in-addr.arpa

IN PTR

Response
DNS

95.236.74.64.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.236.74.64.in-addr.arpa

IN PTR

Response

95.236.74.64.in-addr.arpa

IN PTR

chioutbraincom
DNS

198.233.247.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.233.247.34.in-addr.arpa

IN PTR

Response

198.233.247.34.in-addr.arpa

IN PTR

ec2-34-247-233-198 eu-west-1compute amazonawscom
GET

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d64428ec-54ce-4a48-8237-110549aba0a4&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

msedge.exe

Remote address:

64.74.236.95:443

Request

GET /usersync/gumgum/?puid=e_d64428ec-54ce-4a48-8237-110549aba0a4&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Content-Length: 102
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Thu, 14 Mar 2024 21:03:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_560adcd9-e34a-45f1-8e0d-6ad0ce04a047&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

msedge.exe

Remote address:

64.74.236.95:443

Request

GET /usersync/gumgum/?puid=e_560adcd9-e34a-45f1-8e0d-6ad0ce04a047&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Content-Length: 102
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Thu, 14 Mar 2024 21:03:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_238c96d0-080b-464b-9819-02649520a263&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

msedge.exe

Remote address:

64.74.236.95:443

Request

GET /usersync/gumgum/?puid=e_238c96d0-080b-464b-9819-02649520a263&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Content-Length: 102
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Thu, 14 Mar 2024 21:03:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:29 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-58
x-xss-protection: 0
set-cookie: HAPLB8G=s8558|ZfNmJ; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:27 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-45
x-xss-protection: 0
set-cookie: HAPLB8G=s8545|ZfNmI; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:27 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-38
x-xss-protection: 0
set-cookie: HAPLB8G=s8538|ZfNmI; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

msedge.exe

Remote address:

81.17.55.122:443

Request

GET /api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP/2.0
host: ssbsync-global.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:03:27 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=82&uid=8757233511594307483
set-cookie: pid=8757233511594307483; expires=Mon, 14 Apr 2025 21:02:27 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

msedge.exe

Remote address:

81.17.55.122:443

Request

GET /api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP/2.0
host: ssbsync-global.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:03:30 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=82&uid=8180630273750839162
set-cookie: pid=8180630273750839162; expires=Mon, 14 Apr 2025 21:02:30 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

msedge.exe

Remote address:

81.17.55.122:443

Request

GET /api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP/2.0
host: ssbsync-global.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:03:31 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=82&uid=2503105802508283733
set-cookie: pid=2503105802508283733; expires=Mon, 14 Apr 2025 21:02:31 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP/2.0
host: sync.1rx.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:29 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-74e5bdec-5cc7-4e8b-99fa-19b65833f184-003%22%2C%22zdxidn%22%3A%222064%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D%22%7D; path=/; expires=Fri, 14 Mar 2025 21:03:29 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450209745
etag: RX74e5bdec5cc74e8b99fa19b65833f184003
GET

https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450209745

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450209745 HTTP/2.0
host: sync.1rx.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:29 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=22&uid=OPTOUT
etag: OPTOUT
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:31 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-136
x-xss-protection: 0
set-cookie: HAPLB8G=s86136|ZfNmJ; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
DNS

api.ipify.org

UnbanMe.exe

Remote address:

8.8.8.8:53

Request

api.ipify.org

IN A

Response

api.ipify.org

IN A

172.67.74.152

api.ipify.org

IN A

104.26.12.205

api.ipify.org

IN A

104.26.13.205
DNS

api.ipify.org

UnbanMe.exe

Remote address:

8.8.8.8:53

Request

api.ipify.org

IN A

Response

api.ipify.org

IN A

172.67.74.152

api.ipify.org

IN A

104.26.13.205

api.ipify.org

IN A

104.26.12.205
GET

http://api.ipify.org/

UnbanMe.exe

Remote address:

172.67.74.152:80

Request

GET / HTTP/1.1
Host: api.ipify.org

Response

HTTP/1.1 200 OK

Date: Thu, 14 Mar 2024 21:03:34 GMT
Content-Type: text/plain
Content-Length: 12
Connection: keep-alive
Vary: Origin
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 864736103f05b752-AMS
DNS

152.74.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

152.74.67.172.in-addr.arpa

IN PTR

Response
DNS

152.74.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

152.74.67.172.in-addr.arpa

IN PTR
GET

http://api.ipify.org/

UnbanMe.exe

Remote address:

172.67.74.152:80

Request

GET / HTTP/1.1
Host: api.ipify.org

Response

HTTP/1.1 200 OK

Date: Thu, 14 Mar 2024 21:03:39 GMT
Content-Type: text/plain
Content-Length: 12
Connection: keep-alive
Vary: Origin
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 864736307c447792-LHR
GET

http://api.ipify.org/

UnbanMe.exe

Remote address:

172.67.74.152:80

Request

GET / HTTP/1.1
Host: api.ipify.org

Response

HTTP/1.1 200 OK

Date: Thu, 14 Mar 2024 21:03:51 GMT
Content-Type: text/plain
Content-Length: 12
Connection: keep-alive
Vary: Origin
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 864736786badb782-AMS
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&bidid=321206534-19072067-24490-0&id=191beab17e050a2&uid=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://prebid-server.rubiconproject.com/getuids

msedge.exe

Remote address:

213.19.162.71:443

Request

GET /getuids HTTP/1.1
Host: prebid-server.rubiconproject.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
Accept: */*
Origin: https://s.0cf.io
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://s.0cf.io
Content-Type: application/json;charset=utf-8
content-encoding: gzip
content-length: 28
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:52 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-74
x-xss-protection: 0
set-cookie: HAPLB8G=s8574|ZfNmO; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:53 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-78
x-xss-protection: 0
set-cookie: HAPLB8G=s8578|ZfNmP; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP008
date: Thu, 14 Mar 2024 21:03:52 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP003
date: Thu, 14 Mar 2024 21:03:53 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP020
date: Thu, 14 Mar 2024 21:03:54 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP005
date: Thu, 14 Mar 2024 21:03:56 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP008
date: Thu, 14 Mar 2024 21:03:57 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP002
date: Thu, 14 Mar 2024 21:03:59 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

x-33x-status: 2800208
server: 33XP016
date: Thu, 14 Mar 2024 21:04:01 GMT
GET

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

msedge.exe

Remote address:

67.202.105.24:443

Request

GET /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X HTTP/2.0
host: ssc-cms.33across.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:55 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-206
x-xss-protection: 0
set-cookie: HAPLB8G=s86206|ZfNmP; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:56 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-71
x-xss-protection: 0
set-cookie: HAPLB8G=s8671|ZfNmP; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP/2.0
host: sync.1rx.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:54 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-1de24078-aa85-41ea-b533-9232a2202089-003%22%2C%22zdxidn%22%3A%222064%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D%22%7D; path=/; expires=Fri, 14 Mar 2025 21:03:54 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450234418
etag: RX1de24078aa8541eab5339232a2202089003
GET

https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450234418

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450234418 HTTP/2.0
host: sync.1rx.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:03:54 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=22&uid=OPTOUT
etag: OPTOUT
GET

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

msedge.exe

Remote address:

37.252.171.149:443

Request

GET /getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:03:55 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
an-x-request-uuid: 972db76c-9329-4c42-b75b-f2b1ace551f9
set-cookie: XANDR_PANID=hOPixswFw05W_PzzxW-YPbPIbcnIPr3ohT7_81vOORkRtNPjptlzLDxqIscI_uV1aeyAV3u9A44sEj0-Oitipxzrim2RDaCtq5u-DDX7Nv0.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:03:55 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:03:55 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=7726201533464079943; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:03:55 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 89.149.23.59; 89.149.23.59; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

msedge.exe

Remote address:

37.252.171.149:443

Request

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:03:55 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://usersync.gumgum.com/usersync?b=apn&i=0
an-x-request-uuid: bd4f8376-bef6-4974-88d2-a8ee5788414b
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:03:55 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

msedge.exe

Remote address:

37.252.171.149:443

Request

GET /getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:03:58 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
an-x-request-uuid: ecd73911-b9e9-4a08-8e9e-291d91ba896f
set-cookie: XANDR_PANID=1Om0ATOJD9pe99vSlGYHRd3TznjkB_rQG1dbZuOuaMTVQcVrzv6hLIaf2sfgyjiP_nt0GPw9ZacyyLKqujIvrn8EgC3qZ05NAqmbYzN0DUc.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:03:58 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:03:58 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=8336995254753362525; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jun-2024 21:03:58 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 89.149.23.59; 89.149.23.59; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
GET

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

msedge.exe

Remote address:

37.252.171.149:443

Request

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP/2.0
host: secure.adnxs.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: nginx/1.23.4
date: Thu, 14 Mar 2024 21:03:58 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://usersync.gumgum.com/usersync?b=apn&i=0
an-x-request-uuid: e39bd587-d192-40b4-8ea3-fe8f4a10b7df
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 02-Mar-2034 21:03:58 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 89.149.23.59; 89.149.23.59; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
GET

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_113e3891-95fe-483c-bcf7-92df15b25d19&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

msedge.exe

Remote address:

64.74.236.95:443

Request

GET /usersync/gumgum/?puid=e_113e3891-95fe-483c-bcf7-92df15b25d19&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Content-Length: 102
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Thu, 14 Mar 2024 21:03:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_79532521-4522-4ff1-9348-e8c7e721f1ba&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

msedge.exe

Remote address:

64.74.236.95:443

Request

GET /usersync/gumgum/?puid=e_79532521-4522-4ff1-9348-e8c7e721f1ba&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Content-Length: 102
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Thu, 14 Mar 2024 21:03:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
GET

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

msedge.exe

Remote address:

52.71.44.145:443

Request

GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:03:55 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=b8e73281-9e5d-44f1-9dd1-d21f13c3037c
Set-Cookie: cu=b8e73281-9e5d-44f1-9dd1-d21f13c3037c|1710450235859; Path=/; Domain=ipredictive.com; Expires=Fri, 14 Mar 2025 21:03:55 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: fe8eb266-2343-4e59-b084-170895b05aa3
Content-Length: 108
Connection: keep-alive
GET

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

msedge.exe

Remote address:

52.71.44.145:443

Request

GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:03:58 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=57712d8d-2263-447c-b696-16133d4c1133
Set-Cookie: cu=57712d8d-2263-447c-b696-16133d4c1133|1710450238740; Path=/; Domain=ipredictive.com; Expires=Fri, 14 Mar 2025 21:03:58 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: 279ac877-4ecc-4cba-905e-1d545cec90ef
Content-Length: 108
Connection: keep-alive
GET

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-g47ql
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=WUVYysfaqzTQ&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=464b58aa151d3db0; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-stage-0
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=21&uid=HWCEw8NYccae&ev=1&pid=561205
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=4a93779477312ee3; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-stage-0
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=2ZNkXBZZ5nIv&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=4a93779477312ee3; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-6fszf
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=21&uid=ixFNq5KR7qg3&ev=1&pid=561205
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=04d3b19c713cd0c4; path=/; HttpOnly; Secure; SameSite=None
GET

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

msedge.exe

Remote address:

208.93.169.131:443

Request

GET /rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP/2.0
host: bh.contextweb.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-648c8fd498-bmvbl
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=21&uid=SrY4RnekaYzP&ev=1&pid=561205
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=48e7372bb079d18b; path=/; HttpOnly; Secure; SameSite=None
GET

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

81.17.55.109:443

Request

GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP/2.0
host: ssbsync.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:03:55 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=1546519162945908492
set-cookie: pid=1546519162945908492; expires=Mon, 14 Apr 2025 21:02:55 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

msedge.exe

Remote address:

81.17.55.109:443

Request

GET /api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP/2.0
host: ssbsync-global.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:03:55 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=82&uid=3833997334383538164
set-cookie: pid=3833997334383538164; expires=Mon, 14 Apr 2025 21:02:55 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

msedge.exe

Remote address:

81.17.55.109:443

Request

GET /api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP/2.0
host: ssbsync-global.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:03:57 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=82&uid=778071478430707499
set-cookie: pid=778071478430707499; expires=Mon, 14 Apr 2025 21:02:57 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

81.17.55.109:443

Request

GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0 HTTP/2.0
host: ssbsync.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:03:57 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=2945505064837033728
set-cookie: pid=2945505064837033728; expires=Mon, 14 Apr 2025 21:02:58 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

msedge.exe

Remote address:

81.17.55.109:443

Request

GET /api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP/2.0
host: ssbsync-global.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:03:58 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=82&uid=8418604498837680011
set-cookie: pid=8418604498837680011; expires=Mon, 14 Apr 2025 21:02:58 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

msedge.exe

Remote address:

81.17.55.109:443

Request

GET /api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP/2.0
host: ssbsync-global.smartadserver.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
date: Thu, 14 Mar 2024 21:04:00 GMT
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=82&uid=87782462011846900
set-cookie: pid=87782462011846900; expires=Mon, 14 Apr 2025 21:03:01 GMT; domain=smartadserver.com; path=/; secure; samesite=none
GET

https://usersync.gumgum.com/usersync?b=sus&i=ZfNmO8Co5sMAAJYh6woAAAAA

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=sus&i=ZfNmO8Co5sMAAJYh6woAAAAA HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:55 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sad&i=1546519162945908492

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=sad&i=1546519162945908492 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:55 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=apn&i=0

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:55 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=opx&i=3db707c6-58d1-42a6-b587-6216f1d70504&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=opx&i=3db707c6-58d1-42a6-b587-6216f1d70504&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:55 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=vnt&i=b8e73281-9e5d-44f1-9dd1-d21f13c3037c

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=vnt&i=b8e73281-9e5d-44f1-9dd1-d21f13c3037c HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:56 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=zem&i=&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:57 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sus&i=ZfNmPsCo5sMAAJYh6ysAAAAA

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=sus&i=ZfNmPsCo5sMAAJYh6ysAAAAA HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

54.166.93.240:443

Request

GET /sync?nid=1&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:03:56 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCC8zM2vBjABOgSG_qDnQgTw6BV5.wslakwn0%2Bm%2BwTaG1iv%2BoOEliapYfvO9bXOJKj7MneEo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCC8zM2vBjABOgSG_qDnQgTw6BV5.wslakwn0%2Bm%2BwTaG1iv%2BoOEliapYfvO9bXOJKj7MneEo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
GET

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

54.166.93.240:443

Request

GET /sync?nid=1&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: sync.srv.stackadapt.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Content-Type: text/html; charset=utf-8
Date: Thu, 14 Mar 2024 21:03:58 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id=s%3A0-7c72b27d-100a-5436-77f4-3c22950a6cff.4oNH0tpHNZeUKiHAXKXF03RzTN7Z8mEmzcC%2FGL8cBjo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v2=s%3AfHKyfRAKVDZ39DwilQps_1mVFzs.BXalIGJNpQI1gJNcBOImgKbMQV12eayRN58JgMI4Uww; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCC-zM2vBjABOgSG_qDnQgThbZ-z.7kF4Pihq4JQLcTi6%2FN%2FLsGe2i%2BX18deL93sxsTzUZVo; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: sa-user-id-v3=s%3AAQAKIMMOVsnI_jD_pKT_cSzy-hgI7oLKJYzUyOvvzIIlC2wBEFsYBCC-zM2vBjABOgSG_qDnQgThbZ-z.7kF4Pihq4JQLcTi6%2FN%2FLsGe2i%2BX18deL93sxsTzUZVo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
GET

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:57 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=sad&i=2945505064837033728

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=sad&i=2945505064837033728 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=apn&i=0

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=zem&i=&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=opx&i=4aebdae4-a064-4a9c-b1fe-ba84311e8bfa&gdpr=0&gdpr_consent=0

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=opx&i=4aebdae4-a064-4a9c-b1fe-ba84311e8bfa&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://usersync.gumgum.com/usersync?b=vnt&i=57712d8d-2263-447c-b696-16133d4c1133

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=vnt&i=57712d8d-2263-447c-b696-16133d4c1133 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
DNS

27.73.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

27.73.42.20.in-addr.arpa

IN PTR

Response
DNS

27.73.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

27.73.42.20.in-addr.arpa

IN PTR

Response
DNS

ads.pubmatic.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ads.pubmatic.com

IN A

Response

ads.pubmatic.com

IN CNAME

pubmatic.edgekey.net

pubmatic.edgekey.net

IN CNAME

e6603.g.akamaiedge.net

e6603.g.akamaiedge.net

IN A

96.16.109.9
DNS

ads.pubmatic.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ads.pubmatic.com

IN A

Response

ads.pubmatic.com

IN CNAME

pubmatic.edgekey.net

pubmatic.edgekey.net

IN CNAME

e6603.g.akamaiedge.net

e6603.g.akamaiedge.net

IN A

96.16.109.9
GET

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

msedge.exe

Remote address:

34.247.233.198:443

Request

GET /usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59 HTTP/1.1
Host: usersync.gumgum.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200

Date: Thu, 14 Mar 2024 21:03:58 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:03:58 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-181
x-xss-protection: 0
set-cookie: HAPLB8G=s85181|ZfNmQ; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:04:00 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-132
x-xss-protection: 0
set-cookie: HAPLB8G=s85132|ZfNmQ; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

msedge.exe

Remote address:

69.166.1.34:443

Request

GET /us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D HTTP/2.0
host: sync.go.sonobi.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 14 Mar 2024 21:04:00 GMT
content-type: image/gif
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, no-store, private
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-193
x-xss-protection: 0
set-cookie: HAPLB8G=s86193|ZfNmQ; path=/; domain=.go.sonobi.com; SameSite=none; Secure
server: sonobi-go
GET

https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP/2.0
host: sync.1rx.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:04:01 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-243e8d37-5951-4db3-9f69-a49407153b33-003%22%2C%22zdxidn%22%3A%222064%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D%22%7D; path=/; expires=Fri, 14 Mar 2025 21:04:01 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450241072
etag: RX243e8d3759514db39f69a49407153b33003
GET

https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450241072

msedge.exe

Remote address:

46.228.174.117:443

Request

GET /usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450241072 HTTP/2.0
host: sync.1rx.io
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 14 Mar 2024 21:04:01 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://s.0cf.io/#ps=true&dbid=191beab17e050a2&id=22&uid=OPTOUT
etag: OPTOUT

104.26.12.251:443

https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=1710450126-b124aabd4f2bbabe77b6f39fcf4c1889906ff6fc

tls, http2

msedge.exe

112.3kB
2.8MB
1517
2329

HTTP Request

GET https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/clientscript/vbulletin_css/style-01a2078a-00033.css

HTTP Request

GET https://www.unknowncheats.me/forum/clientscript/vbulletin_important.css?v=387

HTTP Request

GET https://www.unknowncheats.me/forum/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=387

HTTP Request

GET https://www.unknowncheats.me/forum/clientscript/yui/connection/connection-min.js?v=387

HTTP Request

GET https://www.unknowncheats.me/forum/clientscript/vbulletin_global.js?v=387

HTTP Request

GET https://www.unknowncheats.me/forum/clientscript/prettify/prettify.css?v=2

HTTP Request

GET https://www.unknowncheats.me/forum/clientscript/usertitles.css?v=5

HTTP Request

GET https://www.unknowncheats.me/forum/clientscript/vbulletin_menu.js?v=387

HTTP Request

GET https://www.unknowncheats.me/forum/clientscript/prettify/run_prettify.js

HTTP Request

GET https://www.unknowncheats.me/forum/clientscript/uc_imageresizer.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/clientscript/vbulletin_md5.js

HTTP Request

GET https://www.unknowncheats.me/forum/clientscript/prettify/prettify.css

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/ucdownloads.png

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/forum_banner_x.png

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_home.png

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_forum.png

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_ucwiki.png

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_downloads.png

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_faq.png

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_reg.png

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/navbits_start.gif

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/navbits_finallink.gif

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/clientscript/vbulletin_editor.css?v=387

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/images/ez/mw3-hack-release.gif

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/images/ez/proxy-seller/offer.gif

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/buttons/download_file.gif

HTTP Request

GET https://www.unknowncheats.me/forum/images/ez/cs2-hack.gif

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/close.gif

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/back2.png

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_x.png

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/strip_back.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/cdn-cgi/challenge-platform/scripts/jsd/main.js

HTTP Response

302

HTTP Request

GET https://www.unknowncheats.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js

HTTP Response

200

HTTP Request

POST https://www.unknowncheats.me/cdn-cgi/challenge-platform/h/b/jsd/r/86473324c916b7a8

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest

HTTP Response

403

HTTP Request

GET https://www.unknowncheats.me/forum/clientscript/vbulletin_md5.js?v=387

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/cat_back.png

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/favicon.ico

HTTP Response

200

HTTP Request

POST https://www.unknowncheats.me/forum/login.php?do=login

HTTP Response

403

HTTP Request

GET https://www.unknowncheats.me/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=864733ab5c93b7a8

HTTP Response

200

HTTP Request

POST https://www.unknowncheats.me/cdn-cgi/challenge-platform/h/b/flow/ov1/759878661:1710447130:7dfE57-zyV_WVyzXWRxS5FryW-7AHdUWxdkX3qiH340/864733ab5c93b7a8/73ef8c59f4a6074

HTTP Response

200

HTTP Request

POST https://www.unknowncheats.me/cdn-cgi/challenge-platform/h/b/flow/ov1/759878661:1710447130:7dfE57-zyV_WVyzXWRxS5FryW-7AHdUWxdkX3qiH340/864733ab5c93b7a8/73ef8c59f4a6074

HTTP Response

200

HTTP Request

POST https://www.unknowncheats.me/forum/login.php?do=login

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest

HTTP Response

302

HTTP Request

GET https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_discord.png

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_cp.png

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/q_links.gif

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_search.gif

HTTP Request

GET https://www.unknowncheats.me/forum/ambience/misc/menu_open.gif

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=1710450126-b124aabd4f2bbabe77b6f39fcf4c1889906ff6fc

HTTP Response

200
188.114.96.2:443

https://cdn.adligature.com/ucheats/prod/prebid-8.40.0.js

tls, http2

msedge.exe

7.4kB
178.6kB
111
149

HTTP Request

GET https://cdn.adligature.com/ucheats/prod/rules.js

HTTP Response

200

HTTP Request

GET https://cdn.adligature.com/ucheats/prod/prebid-8.40.0.js

HTTP Response

200
96.17.179.205:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

msedge.exe

468 B
1.7kB
7
6

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
142.250.187.202:443

ajax.googleapis.com

tls, http2

msedge.exe

1.4kB
1.7kB
12
9
172.217.169.34:443

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js

tls, http2

msedge.exe

6.9kB
185.2kB
116
145

HTTP Request

GET https://securepubads.g.doubleclick.net/tag/js/gpt.js

HTTP Request

GET https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
13.224.223.9:443

https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js

tls, http2

msedge.exe

7.4kB
90.6kB
76
78

HTTP Request

GET https://c.amazon-adsystem.com/aax2/apstag.js

HTTP Response

200

HTTP Request

GET https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.unknowncheats.me&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8

HTTP Request

GET https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js

HTTP Response

200

HTTP Response

200
188.114.96.2:443

https://cdn.adligature.com/

tls, http2

msedge.exe

3.1kB
6.6kB
19
17

HTTP Request

HEAD https://cdn.adligature.com/

HTTP Response

200

HTTP Request

HEAD https://cdn.adligature.com/

HTTP Response

200

HTTP Request

HEAD https://cdn.adligature.com/

HTTP Response

200

HTTP Request

HEAD https://cdn.adligature.com/

HTTP Response

200
142.250.187.202:443

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

tls, http2

msedge.exe

3.0kB
41.0kB
40
38

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
208.95.112.2:443

https://pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region,timezone,mobile,continentCode

tls, http

msedge.exe

2.7kB
5.5kB
10
9

HTTP Request

GET https://pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region,timezone,mobile,continentCode

HTTP Response

200
62.149.0.74:443

idrs.adtelligent.com

tls

msedge.exe

2.3kB
816 B
12
10
178.250.1.11:443

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1

tls, http2

msedge.exe

2.3kB
5.8kB
18
15

HTTP Request

OPTIONS https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1

HTTP Response

200

HTTP Request

GET https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1

HTTP Response

200

HTTP Request

GET https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1

HTTP Response

200
162.19.138.83:443

https://id5-sync.com/g/v2/1102.json

tls, http2

msedge.exe

3.3kB
4.9kB
19
18

HTTP Request

POST https://id5-sync.com/api/config/prebid

HTTP Response

200

HTTP Request

POST https://id5-sync.com/g/v2/1102.json

HTTP Response

200
216.239.36.54:443

https://us-central1-wrapper-analytics-prod.cloudfunctions.net/send_pageviews

tls, http2

msedge.exe

3.2kB
14.6kB
21
21

HTTP Request

OPTIONS https://us-central1-wrapper-analytics-prod.cloudfunctions.net/send_pageviews
79.127.227.46:443

https://id.a-mx.com/sync/?tagId=&ref=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&u=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest&tl=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest&nf=0&rt=true&v=8.40.0&av=2.0&vg=advpbjs&us_privacy=null&am=null&gdpr=0&gdpr_consent=

tls, http

msedge.exe

7.3kB
7.5kB
16
14

HTTP Request

GET https://id.a-mx.com/sync/?tagId=&ref=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&u=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest&tl=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest&nf=0&rt=true&v=8.40.0&av=2.0&vg=advpbjs&us_privacy=null&am=null&gdpr=0&gdpr_consent=

HTTP Response

200
216.137.44.72:443

https://tagan.adlightning.com/advally-mcm/bl-258c125-fcf6aea2.js

tls, http2

msedge.exe

8.3kB
79.9kB
46
70

HTTP Request

GET https://tagan.adlightning.com/advally-mcm/op.js

HTTP Response

200

HTTP Request

GET https://tagan.adlightning.com/advally-mcm/b-904ac2d-12d92d49.js

HTTP Request

GET https://tagan.adlightning.com/advally-mcm/bl-258c125-fcf6aea2.js

HTTP Response

200

HTTP Response

200
52.84.90.40:443

https://config.aps.amazon-adsystem.com/configs/7e29cf92-dbd2-479a-865a-9cb3658a40f8

tls, http2

msedge.exe

2.8kB
7.8kB
15
16

HTTP Request

GET https://config.aps.amazon-adsystem.com/configs/7e29cf92-dbd2-479a-865a-9cb3658a40f8

HTTP Response

200
18.155.122.233:443

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&pr=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin&pid=HNCnugxhSzCC4&cb=0&ws=1280x609&v=24.305.1002&t=1500&slots=%5B%7B%22sd%22%3A%22Footer_Downloads_Page_2%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22UnknownCheats%22%2C%22domain%22%3A%22unknowncheats.me%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%22%7D%7D%7D&schain=1.0%2C1!advally.com%2CP33S16%2C1%2C%2C%2C&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8&gdpre=1&gdprc=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

tls, http2

msedge.exe

5.2kB
8.5kB
20
21

HTTP Request

GET https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&pid=HLKMWNq2cgL7a&cb=0&ws=1280x609&v=24.305.1002&t=1500&slots=%5B%7B%22sd%22%3A%22advally-adhesion-slot%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22Top_Leaderboard_2%22%2C%22s%22%3A%5B%22468x60%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22Skyscraper_Downloads_Page_1%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%2C%7B%22sd%22%3A%22Footer_Downloads_Page_2%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22UnknownCheats%22%2C%22domain%22%3A%22unknowncheats.me%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%22%7D%7D%7D&schain=1.0%2C1!advally.com%2CP33S16%2C1%2C%2C%2C&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A2000%7D

HTTP Response

200

HTTP Request

GET https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877%26act%3Ddown%26actionhash%3Dguest&pr=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&pid=Q0XBdy9BK3paU&cb=0&ws=1280x609&v=24.305.1002&t=1500&slots=%5B%7B%22sd%22%3A%22advally-adhesion-slot%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22Top_Leaderboard_2%22%2C%22s%22%3A%5B%22468x60%22%2C%22320x100%22%5D%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22UnknownCheats%22%2C%22domain%22%3A%22unknowncheats.me%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%22%7D%7D%7D&schain=1.0%2C1!advally.com%2CP33S16%2C1%2C%2C%2C&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A2000%7D

HTTP Response

200

HTTP Request

GET https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&pr=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin&pid=HNCnugxhSzCC4&cb=0&ws=1280x609&v=24.305.1002&t=1500&slots=%5B%7B%22sd%22%3A%22Footer_Downloads_Page_2%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22UnknownCheats%22%2C%22domain%22%3A%22unknowncheats.me%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%22%7D%7D%7D&schain=1.0%2C1!advally.com%2CP33S16%2C1%2C%2C%2C&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8&gdpre=1&gdprc=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

HTTP Response

200
62.149.0.74:443

https://idrs.adtelligent.com/get?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

tls, http

msedge.exe

4.6kB
5.9kB
23
18

HTTP Request

OPTIONS https://idrs.adtelligent.com/get?gdpr=0&gdprConsent=

HTTP Response

200

HTTP Request

OPTIONS https://idrs.adtelligent.com/get?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

HTTP Response

200
18.245.143.83:443

tags.crwdcntrl.net

tls, http2

msedge.exe

1.1kB
826 B
11
9
104.22.52.86:443

cdn.id5-sync.com

tls, http2

msedge.exe

1.1kB
988 B
10
6
104.22.52.173:443

cdn.hadronid.net

tls, http2

msedge.exe

1.1kB
988 B
10
6
162.19.138.117:443

https://lb.eu-1-id5-sync.com/lb/v1

tls, http2

msedge.exe

1.7kB
4.3kB
13
13

HTTP Request

GET https://lb.eu-1-id5-sync.com/lb/v1

HTTP Response

200
18.245.143.83:443

https://tags.crwdcntrl.net/lt/c/16576/sync.min.js

tls, http2

msedge.exe

2.0kB
19.3kB
21
24

HTTP Request

GET https://tags.crwdcntrl.net/lt/c/16576/sync.min.js

HTTP Response

200
104.22.52.173:443

https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin&_it=amazon&partner_id=549

tls, http2

msedge.exe

4.6kB
48.5kB
59
73

HTTP Request

GET https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&ref=&_it=amazon&partner_id=549

HTTP Response

200

HTTP Request

GET https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877%26act%3Ddown%26actionhash%3Dguest&ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&_it=amazon&partner_id=549

HTTP Response

200

HTTP Request

GET https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin&ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin%26__cf_chl_tk%3Doys2UE5fdUVVeBheJtCWONjMeFxu0iK76eQUmIAz.Iw-1710450116-0.0.1.1-1642&_it=amazon&partner_id=549

HTTP Response

200

HTTP Request

GET https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin&_it=amazon&partner_id=549

HTTP Response

200
104.22.52.86:443

https://cdn.id5-sync.com/api/1.0/id5-api.js

tls, http2

msedge.exe

2.8kB
31.9kB
38
39

HTTP Request

GET https://cdn.id5-sync.com/api/1.0/id5-api.js

HTTP Response

200
54.155.211.205:443

https://bcp.crwdcntrl.net/6/map

tls, http2

msedge.exe

3.2kB
7.9kB
25
22

HTTP Request

POST https://bcp.crwdcntrl.net/6/map

HTTP Response

200

HTTP Request

POST https://bcp.crwdcntrl.net/6/map

HTTP Response

200

HTTP Request

POST https://bcp.crwdcntrl.net/6/map

HTTP Response

200
104.22.4.69:443

id.hadron.ad.gt

tls, http2

msedge.exe

2.3kB
1.0kB
11
7
62.149.0.74:443

https://idrs.adtelligent.com/get?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

tls, http

msedge.exe

4.7kB
6.2kB
20
18

HTTP Request

GET https://idrs.adtelligent.com/get?gdpr=0&gdprConsent=

HTTP Response

200

HTTP Request

GET https://idrs.adtelligent.com/get?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

HTTP Response

200
35.190.80.1:443

https://a.nel.cloudflare.com/report/v4?s=XiiIGgmlLsnoDdWopKpF%2BzxbiVaNWjgZHLZYADxx21R3oJP7j0Yq6UGEZHC7MMYfKr8zAlSFEmXhLWe5txVQ4yXhN2ChpJhd9PpLZg720KX018%2FiC6xVZnOehqZChf6RZR1Kf%2BwC

tls, http2

msedge.exe

2.9kB
4.9kB
20
19

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=CHA9wk4H%2FFiTM4yr77nS0V6Y0NsgBPntmqgwB6fZ64PYjB%2FFxBxBV1qzyc%2FbN5CMvAF3IKUNtR1m4itbVCjvb%2FJmNJ%2B6SmQf4RPRn6GqbIrPapLWKPgJ%2Bdl2kE28BopWqKai33Oz

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=XiiIGgmlLsnoDdWopKpF%2BzxbiVaNWjgZHLZYADxx21R3oJP7j0Yq6UGEZHC7MMYfKr8zAlSFEmXhLWe5txVQ4yXhN2ChpJhd9PpLZg720KX018%2FiC6xVZnOehqZChf6RZR1Kf%2BwC
104.22.4.69:443

https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877

tls, http2

msedge.exe

6.1kB
7.0kB
28
33

HTTP Request

OPTIONS https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877

HTTP Request

OPTIONS https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877&act=down&actionhash=guest

HTTP Response

200

HTTP Request

OPTIONS https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/login.php?do=login

HTTP Response

200

HTTP Request

GET https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/login.php?do=login

HTTP Response

200

HTTP Request

OPTIONS https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877

HTTP Response

200

HTTP Request

GET https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=549&sync=0&domain=www.unknowncheats.me&url=https://www.unknowncheats.me/forum/downloads.php?do=file&id=43877

HTTP Response

200
208.95.112.2:443

pro.ip-api.com

tls

msedge.exe

1.7kB
873 B
10
9
104.22.5.69:443

https://a.ad.gt/api/v1/u/matches/549?_it=amazon

tls, http2

msedge.exe

2.9kB
9.9kB
19
21

HTTP Request

GET https://a.ad.gt/api/v1/u/matches/549?_it=amazon

HTTP Response

200
216.58.204.65:443

48e143e2b4cf63ba0296ab04ca42ed77.safeframe.googlesyndication.com

tls, http2

msedge.exe

1.4kB
1.8kB
11
8
216.58.204.65:443

https://b6351696394dffd7514614659b5d9454.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

tls, http2

msedge.exe

2.6kB
13.1kB
24
26

HTTP Request

GET https://48e143e2b4cf63ba0296ab04ca42ed77.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

HTTP Request

GET https://b6351696394dffd7514614659b5d9454.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
216.58.212.193:443

https://tpc.googlesyndication.com/sodar/sodar2.js

tls, http2

msedge.exe

1.9kB
13.6kB
18
19

HTTP Request

GET https://tpc.googlesyndication.com/sodar/sodar2.js
18.245.218.56:443

https://assets.revcontent.com/master/rtbWidget.ceec523f.delivery.js

tls, http2

msedge.exe

3.3kB
64.0kB
37
57

HTTP Request

GET https://assets.revcontent.com/master/delivery.js

HTTP Response

200

HTTP Request

GET https://assets.revcontent.com/master/rtbWidget.ceec523f.delivery.js

HTTP Response

200
96.16.109.9:443

ads.pubmatic.com

tls

msedge.exe

936 B
555 B
8
8
96.16.109.9:443

https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0

tls, http2

msedge.exe

5.5kB
102.2kB
65
91

HTTP Request

GET https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

HTTP Response

200

HTTP Request

GET https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162797&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

HTTP Response

200

HTTP Request

GET https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID

HTTP Response

200

HTTP Request

GET https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

HTTP Response

200

HTTP Request

GET https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0

HTTP Response

200
52.31.85.16:443

https://yeet.revcontent.com/yeet/events/vcpm-event

tls, http2

msedge.exe

11.4kB
14.7kB
49
41

HTTP Request

GET https://trends.revcontent.com/api/demand/?w=272881

HTTP Request

OPTIONS https://yeet.revcontent.com/yeet/events/api-errors

HTTP Response

200

HTTP Request

GET https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=272881&width=728&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877%26act%3Ddown%26actionhash%3Dguest&icr_url=&va=0&user_uuid=undefined&time=1710450109963&banner_size=728x90&up=pc&bn=chrome&bv=92&widget_width=0&style_id=0&an=false&mr=false

HTTP Response

200

HTTP Request

POST https://yeet.revcontent.com/yeet/events/api-errors

HTTP Response

204

HTTP Response

200

HTTP Request

POST https://trends.revcontent.com/event/impression

HTTP Request

POST https://trends.revcontent.com/event/view

HTTP Response

204

HTTP Response

204

HTTP Request

OPTIONS https://yeet.revcontent.com/yeet/events/page-view

HTTP Request

OPTIONS https://yeet.revcontent.com/yeet/events/widget-loaded

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://yeet.revcontent.com/yeet/events/page-view

HTTP Request

POST https://yeet.revcontent.com/yeet/events/widget-loaded

HTTP Response

204

HTTP Response

204

HTTP Request

OPTIONS https://yeet.revcontent.com/yeet/events/vcpm-event

HTTP Request

OPTIONS https://yeet.revcontent.com/yeet/events/vcpm-event

HTTP Request

OPTIONS https://yeet.revcontent.com/yeet/events/vcpm-event

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://yeet.revcontent.com/yeet/events/vcpm-event

HTTP Request

POST https://yeet.revcontent.com/yeet/events/vcpm-event

HTTP Request

POST https://yeet.revcontent.com/yeet/events/vcpm-event

HTTP Response

204

HTTP Response

204

HTTP Response

204
52.31.85.16:443

trends.revcontent.com

tls, http2

msedge.exe

995 B
786 B
9
8
143.204.176.129:443

https://images.revcontent.com/revcontent/image/fetch/f_webp,q_auto:eco,h_90,w_180,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/fbe6a23c385baa86e7e8c4eb80fef9d7.jpeg

tls, http2

msedge.exe

1.9kB
9.5kB
15
16

HTTP Request

GET https://images.revcontent.com/revcontent/image/fetch/f_webp,q_auto:eco,h_90,w_180,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/fbe6a23c385baa86e7e8c4eb80fef9d7.jpeg

HTTP Response

200
104.17.3.184:443

https://challenges.cloudflare.com/turnstile/v0/b/ace796eb5511/api.js?onload=BrnBEe5&render=explicit

tls, http2

msedge.exe

2.0kB
18.6kB
19
24

HTTP Request

GET https://challenges.cloudflare.com/turnstile/v0/b/ace796eb5511/api.js?onload=BrnBEe5&render=explicit

HTTP Response

200
104.17.3.184:443

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/474850368:1710447254:UqJo09sxm7LB7PDl5YJvehj4Ba6iBC2fxmN1DrZ0Z5I/864733b2bd8048ce/8b8ff972ea467eb

tls, http2

msedge.exe

49.5kB
295.4kB
217
248

HTTP Request

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ufdit/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

HTTP Response

200

HTTP Request

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/cgqGdwECWZ0l%2BqhlK11yd%2Bx5hS12pvhB1sHMXO%2F%2F%2F3U%3D

HTTP Request

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=864733b2bd8048ce

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/474850368:1710447254:UqJo09sxm7LB7PDl5YJvehj4Ba6iBC2fxmN1DrZ0Z5I/864733b2bd8048ce/8b8ff972ea467eb

HTTP Response

200

HTTP Request

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/864733b2bd8048ce/1710450118578/2d3628da099cdcfa128736c0cc86f59f65da038c9a8dee2b89a3519633ce9053/ggreRUfHPEYIwkR

HTTP Response

401

HTTP Request

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/864733b2bd8048ce/1710450118585/qY8O56Eiv5kV89w

HTTP Response

200

HTTP Request

POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/474850368:1710447254:UqJo09sxm7LB7PDl5YJvehj4Ba6iBC2fxmN1DrZ0Z5I/864733b2bd8048ce/8b8ff972ea467eb

HTTP Response

200
178.250.1.11:443

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1&gdprString=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

tls, http2

msedge.exe

3.2kB
2.5kB
14
12

HTTP Request

OPTIONS https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1&gdprString=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1&gdprString=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

OPTIONS https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1&gdprString=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unknowncheats.me%2F&domain=www.unknowncheats.me&cw=1&lsw=1&gdprString=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200
79.127.227.46:443

https://id.a-mx.com/sync/?tagId=&ref=https://www.unknowncheats.me/forum/login.php?do=login&__cf_chl_tk=oys2UE5fdUVVeBheJtCWONjMeFxu0iK76eQUmIAz.Iw-1710450116-0.0.1.1-1642&u=https://www.unknowncheats.me/forum/login.php?do=login&tl=https://www.unknowncheats.me/forum/login.php?do=login&nf=0&rt=true&v=8.40.0&av=2.0&vg=advpbjs&us_privacy=null&am=null&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

tls, http

msedge.exe

3.4kB
1.2kB
11
8

HTTP Request

GET https://id.a-mx.com/sync/?tagId=&ref=https://www.unknowncheats.me/forum/login.php?do=login&__cf_chl_tk=oys2UE5fdUVVeBheJtCWONjMeFxu0iK76eQUmIAz.Iw-1710450116-0.0.1.1-1642&u=https://www.unknowncheats.me/forum/login.php?do=login&tl=https://www.unknowncheats.me/forum/login.php?do=login&nf=0&rt=true&v=8.40.0&av=2.0&vg=advpbjs&us_privacy=null&am=null&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

HTTP Response

200
13.224.223.9:443

c.amazon-adsystem.com

tls, http2

msedge.exe

2.3kB
6.7kB
15
11
35.244.252.209:443

https://rtid.tapad.com/acc/MX7zwKYH0e/ids?gdpr=true&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

tls, http2

msedge.exe

3.5kB
7.0kB
21
19

HTTP Request

OPTIONS https://rtid.tapad.com/acc/MX7zwKYH0e/ids?gdpr=true&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

HTTP Request

GET https://rtid.tapad.com/acc/MX7zwKYH0e/ids?gdpr=true&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA
185.64.190.77:443

https://hbopenbid.pubmatic.com/translator?source=prebid-client

tls, http2

msedge.exe

12.5kB
5.5kB
27
17

HTTP Request

POST https://hbopenbid.pubmatic.com/translator?source=prebid-client

HTTP Response

204
37.252.171.21:443

https://ib.adnxs-simple.com/ut/v3/prebid

tls, http2

msedge.exe

5.3kB
4.6kB
16
15

HTTP Request

POST https://ib.adnxs-simple.com/ut/v3/prebid

HTTP Response

200
199.212.255.178:443

https://prebid.dblks.net/openrtb/?sid=2726059

tls, http2

msedge.exe

9.1kB
5.4kB
21
17

HTTP Request

POST https://prebid.dblks.net/openrtb/?sid=2726059

HTTP Response

200
77.245.57.72:443

https://cpm.qortex.ai/hb?zone=209763&v=1.6

tls, http

msedge.exe

4.1kB
5.5kB
14
12

HTTP Request

POST https://cpm.qortex.ai/hb?zone=209763&v=1.6

HTTP Response

204
63.215.202.146:443

https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25

tls, http2

msedge.exe

4.9kB
5.1kB
16
15

HTTP Request

POST https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25

HTTP Response

204
54.246.136.8:443

https://ads.servenobid.com/adreq?cb=8573

tls, http2

msedge.exe

4.8kB
7.5kB
19
21

HTTP Request

POST https://ads.servenobid.com/adreq?cb=8573

HTTP Response

200
34.120.63.153:443

https://prebid.media.net/rtb/prebid?cid=8CU658616

tls, http2

msedge.exe

9.4kB
7.1kB
20
16

HTTP Request

POST https://prebid.media.net/rtb/prebid?cid=8CU658616
188.42.189.197:443

https://ads.betweendigital.com/sspmatch-iframe?crf=1&rts=-381177966890668688

tls, http2

msedge.exe

3.5kB
7.4kB
18
14

HTTP Request

POST https://ads.betweendigital.com/adjson?t=prebid

HTTP Response

200

HTTP Request

GET https://ads.betweendigital.com/sspmatch-iframe

HTTP Response

302

HTTP Request

GET https://ads.betweendigital.com/sspmatch-iframe?crf=1&rts=-381177966890668688

HTTP Response

200
69.166.1.8:443

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22870c3a7186680b%22%3A%2285c026675607aed667b1%7C728x90%7Cgpid%3D%2F22812648954%2Funknowncheats.me%2FFooter_lb2_Downloads%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&s=13e734f1-9f28-47d4-8ff5-7d3a2c2a4b16&pv=0bf1d184-ed13-4f1d-871a-1d380485851f&vp=desktop&lib_name=prebid&lib_v=8.40.0&us=5&iqid=%7B%22pcid%22%3A%221e874c0b-6307-488f-8a58-c248090dc017%22%2C%22pcidDate%22%3A1710450131124%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22c2bff51b-e6df-493f-bf2b-365f326c4b64%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22unknowncheats.me%22%2C%22keywords%22%3A%22cheats%2Chacks%2Cgamehack%2Cgamecheat%2Cgamehacking%2Cgamecheating%2Cgamehacker%2Chacktool%2Ccheattool%2Chackdownload%2Ccheatdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamecheattool%2Cgamehacktool%2Cgamecheatdownload%2Chackdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamehackingwiki%2Cgamecheatingwiki%2Chackinjector%2Ccheatinjector%2Cfreegamehacks%2Cfreegamecheats%2Cundetectedhack%2Cundetectedcheat%2Chackcoding%2Ccheatcoding%2Caimbot%2Cesp%2Cwallhack%2Cchams%2Csourcecode%2Cbypass%2Cdirect3d%2Cbypass%2Canticheatbypass%22%2C%22publisher%22%3A%7B%22domain%22%3A%22unknowncheats.me%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin%22%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22ext%22%3A%7B%22segtax%22%3A7%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1280%2C%22h%22%3A609%2C%22dnt%22%3A1%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.131%20Safari%2F537.36%20Edg%2F92.0.902.67%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%2292%22%5D%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%5B%2299%22%5D%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%5B%2292%22%5D%7D%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=true&consent_string=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22advally.com%22%2C%22sid%22%3A%22P33S16%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22adtelligent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227zHQ7jeVj9jjZ-C5BNWs-8whLHNGyMrti2y7yDYkq1qbeJM4fJi91RMm%22%2C%22atype%22%3A3%7D%5D%7D%2C%7B%22source%22%3A%22amxdt.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22amx*r*8ecfb281-e68c-43a9-aa77-cf301426b0c9%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%2C%22pba%22%3A%221j5f%2BSXyi5GodUdkxlOnLw%3D%3D%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cedc501d-871a-4e4d-85de-d6e12f4b1f0f%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=cheats%2Chacks%2Cgamehack%2Cgamecheat%2Cgamehacking%2Cgamecheating%2Cgamehacker%2Chacktool%2Ccheattool%2Chackdownload%2Ccheatdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamecheattool%2Cgamehacktool%2Cgamecheatdownload%2Cgamehackingwiki%2Cgamecheatingwiki%2Chackinjector%2Ccheatinjector%2Cfreegamehacks%2Cfreegamecheats%2Cundetectedhack%2Cundetectedcheat%2Chackcoding%2Ccheatcoding%2Caimbot%2Cesp%2Cwallhack%2Cchams%2Csourcecode%2Cbypass%2Cdirect3d%2Canticheatbypass&coppa=0

tls, http2

msedge.exe

5.0kB
9.1kB
19
18

HTTP Request

GET https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22870c3a7186680b%22%3A%2285c026675607aed667b1%7C728x90%7Cgpid%3D%2F22812648954%2Funknowncheats.me%2FFooter_lb2_Downloads%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&s=13e734f1-9f28-47d4-8ff5-7d3a2c2a4b16&pv=0bf1d184-ed13-4f1d-871a-1d380485851f&vp=desktop&lib_name=prebid&lib_v=8.40.0&us=5&iqid=%7B%22pcid%22%3A%221e874c0b-6307-488f-8a58-c248090dc017%22%2C%22pcidDate%22%3A1710450131124%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22c2bff51b-e6df-493f-bf2b-365f326c4b64%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22unknowncheats.me%22%2C%22keywords%22%3A%22cheats%2Chacks%2Cgamehack%2Cgamecheat%2Cgamehacking%2Cgamecheating%2Cgamehacker%2Chacktool%2Ccheattool%2Chackdownload%2Ccheatdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamecheattool%2Cgamehacktool%2Cgamecheatdownload%2Chackdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamehackingwiki%2Cgamecheatingwiki%2Chackinjector%2Ccheatinjector%2Cfreegamehacks%2Cfreegamecheats%2Cundetectedhack%2Cundetectedcheat%2Chackcoding%2Ccheatcoding%2Caimbot%2Cesp%2Cwallhack%2Cchams%2Csourcecode%2Cbypass%2Cdirect3d%2Cbypass%2Canticheatbypass%22%2C%22publisher%22%3A%7B%22domain%22%3A%22unknowncheats.me%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin%22%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22ext%22%3A%7B%22segtax%22%3A7%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1280%2C%22h%22%3A609%2C%22dnt%22%3A1%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.131%20Safari%2F537.36%20Edg%2F92.0.902.67%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%2292%22%5D%7D%2C%7B%22brand%22%3A%22%20Not%20A%3BBrand%22%2C%22version%22%3A%5B%2299%22%5D%7D%2C%7B%22brand%22%3A%22Microsoft%20Edge%22%2C%22version%22%3A%5B%2292%22%5D%7D%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=true&consent_string=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22advally.com%22%2C%22sid%22%3A%22P33S16%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22adtelligent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227zHQ7jeVj9jjZ-C5BNWs-8whLHNGyMrti2y7yDYkq1qbeJM4fJi91RMm%22%2C%22atype%22%3A3%7D%5D%7D%2C%7B%22source%22%3A%22amxdt.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22amx*r*8ecfb281-e68c-43a9-aa77-cf301426b0c9%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%2C%22pba%22%3A%221j5f%2BSXyi5GodUdkxlOnLw%3D%3D%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cedc501d-871a-4e4d-85de-d6e12f4b1f0f%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=cheats%2Chacks%2Cgamehack%2Cgamecheat%2Cgamehacking%2Cgamecheating%2Cgamehacker%2Chacktool%2Ccheattool%2Chackdownload%2Ccheatdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamecheattool%2Cgamehacktool%2Cgamecheatdownload%2Cgamehackingwiki%2Cgamecheatingwiki%2Chackinjector%2Ccheatinjector%2Cfreegamehacks%2Cfreegamecheats%2Cundetectedhack%2Cundetectedcheat%2Chackcoding%2Ccheatcoding%2Caimbot%2Cesp%2Cwallhack%2Cchams%2Csourcecode%2Cbypass%2Cdirect3d%2Canticheatbypass&coppa=0

HTTP Response

200
213.19.162.21:443

https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18852&site_id=208940&zone_id=1028022&size_id=2&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&rp_schain=1.0,1!advally.com,P33S16,1,,,&eid_adtelligent.com=7zHQ7jeVj9jjZ-C5BNWs-8whLHNGyMrti2y7yDYkq1qbeJM4fJi91RMm%5E3&eid_amxdt.net=amx*r*8ecfb281-e68c-43a9-aa77-cf301426b0c9%5E1&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=cedc501d-871a-4e4d-85de-d6e12f4b1f0f%5E1&rf=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&kw=cheats%2Chacks%2Cgamehack%2Cgamecheat%2Cgamehacking%2Cgamecheating%2Cgamehacker%2Chacktool%2Ccheattool%2Chackdownload%2Ccheatdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamecheattool%2Cgamehacktool%2Cgamecheatdownload%2Chackdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamehackingwiki%2Cgamecheatingwiki%2Chackinjector%2Ccheatinjector%2Cfreegamehacks%2Cfreegamecheats%2Cundetectedhack%2Cundetectedcheat%2Chackcoding%2Ccheatcoding%2Caimbot%2Cesp%2Cwallhack%2Cchams%2Csourcecode%2Cbypass%2Cdirect3d%2Cbypass%2Canticheatbypass&tg_i.domain=unknowncheats.me&tg_i.page=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&tg_i.ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin&tg_i.pbadslot=%2F22812648954%2Funknowncheats.me%2FFooter_lb2_Downloads&tk_flint=pbjs_lite_v8.40.0&x_source.tid=c2bff51b-e6df-493f-bf2b-365f326c4b64&l_pb_bid_id=67b85310ec263d&p_screen_res=1280x720&rp_secure=1&x_imp.ext.tid=194c324b-8dbe-4e23-a404-71647d8a7cbe&rp_maxbids=1&p_gpid=%2F22812648954%2Funknowncheats.me%2FFooter_lb2_Downloads&m_ch_ua=%22Chromium%22%7Cv%3D%2292%22%2C%22%20Not%20A%3BBrand%22%7Cv%3D%2299%22%2C%22Microsoft%20Edge%22%7Cv%3D%2292%22&m_ch_full_ver=%22Chromium%22%7Cv%3D%2292%22%2C%22%20Not%20A%3BBrand%22%7Cv%3D%2299%22%2C%22Microsoft%20Edge%22%7Cv%3D%2292%22&m_ch_mobile=%3F0&slots=1&rand=0.8980015469693352

tls, http2

msedge.exe

4.2kB
8.1kB
23
29

HTTP Request

GET https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18852&site_id=208940&zone_id=1028022&size_id=2&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&rp_schain=1.0,1!advally.com,P33S16,1,,,&eid_adtelligent.com=7zHQ7jeVj9jjZ-C5BNWs-8whLHNGyMrti2y7yDYkq1qbeJM4fJi91RMm%5E3&eid_amxdt.net=amx*r*8ecfb281-e68c-43a9-aa77-cf301426b0c9%5E1&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=cedc501d-871a-4e4d-85de-d6e12f4b1f0f%5E1&rf=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&kw=cheats%2Chacks%2Cgamehack%2Cgamecheat%2Cgamehacking%2Cgamecheating%2Cgamehacker%2Chacktool%2Ccheattool%2Chackdownload%2Ccheatdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamecheattool%2Cgamehacktool%2Cgamecheatdownload%2Chackdownload%2Cgamehacktutorial%2Cgamecheattutorial%2Cgamehackingwiki%2Cgamecheatingwiki%2Chackinjector%2Ccheatinjector%2Cfreegamehacks%2Cfreegamecheats%2Cundetectedhack%2Cundetectedcheat%2Chackcoding%2Ccheatcoding%2Caimbot%2Cesp%2Cwallhack%2Cchams%2Csourcecode%2Cbypass%2Cdirect3d%2Cbypass%2Canticheatbypass&tg_i.domain=unknowncheats.me&tg_i.page=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D43877&tg_i.ref=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Flogin.php%3Fdo%3Dlogin&tg_i.pbadslot=%2F22812648954%2Funknowncheats.me%2FFooter_lb2_Downloads&tk_flint=pbjs_lite_v8.40.0&x_source.tid=c2bff51b-e6df-493f-bf2b-365f326c4b64&l_pb_bid_id=67b85310ec263d&p_screen_res=1280x720&rp_secure=1&x_imp.ext.tid=194c324b-8dbe-4e23-a404-71647d8a7cbe&rp_maxbids=1&p_gpid=%2F22812648954%2Funknowncheats.me%2FFooter_lb2_Downloads&m_ch_ua=%22Chromium%22%7Cv%3D%2292%22%2C%22%20Not%20A%3BBrand%22%7Cv%3D%2299%22%2C%22Microsoft%20Edge%22%7Cv%3D%2292%22&m_ch_full_ver=%22Chromium%22%7Cv%3D%2292%22%2C%22%20Not%20A%3BBrand%22%7Cv%3D%2299%22%2C%22Microsoft%20Edge%22%7Cv%3D%2292%22&m_ch_mobile=%3F0&slots=1&rand=0.8980015469693352

HTTP Response

200
18.155.122.233:443

aax.amazon-adsystem.com

tls, http2

msedge.exe

2.1kB
6.9kB
11
13
142.250.180.1:443

cdn.ampproject.org

tls

msedge.exe

2.1kB
11.8kB
14
12
142.250.180.1:443

https://cdn.ampproject.org/rtv/012402262017000/v0/amp-form-0.1.js

tls, http2

msedge.exe

8.2kB
140.4kB
118
108

HTTP Request

GET https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.js

HTTP Request

GET https://cdn.ampproject.org/rtv/012402262017000/v0/amp-ad-exit-0.1.js

HTTP Request

GET https://cdn.ampproject.org/rtv/012402262017000/v0/amp-analytics-0.1.js

HTTP Request

GET https://cdn.ampproject.org/rtv/012402262017000/v0/amp-fit-text-0.1.js

HTTP Request

GET https://cdn.ampproject.org/rtv/012402262017000/v0/amp-form-0.1.js
142.250.180.1:443

cdn.ampproject.org

tls

msedge.exe

3.6kB
11.8kB
16
12
142.250.180.1:443

cdn.ampproject.org

tls

msedge.exe

3.6kB
11.8kB
16
12
142.250.180.1:443

cdn.ampproject.org

tls

msedge.exe

1.8kB
2.0kB
7
5
2.17.4.21:443

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2055%2C2030%2C3020%2C251%2C233%2C2027%2C2026%2C236%2C237%2C459%2C97%2C55%2C77%2C2022%2C3012%2C3011%2C182%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C10000%2C108%2C9&itype=PREBID&purpose1=0&gdprconsent=0&gdpr=1&gdprstring=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&coppa=0&usp_status=0&usp_consent=1&ckdel=1

tls, http2

msedge.exe

2.4kB
14.1kB
17
21

HTTP Request

GET https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2055%2C2030%2C3020%2C251%2C233%2C2027%2C2026%2C236%2C237%2C459%2C97%2C55%2C77%2C2022%2C3012%2C3011%2C182%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C10000%2C108%2C9&itype=PREBID&purpose1=0&gdprconsent=0&gdpr=1&gdprstring=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&coppa=0&usp_status=0&usp_consent=1&ckdel=1

HTTP Response

200
2.17.5.216:443

https://eus.rubiconproject.com/usync.html?p=gumgum

tls, http

msedge.exe

4.8kB
20.7kB
21
22

HTTP Request

GET https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

HTTP Response

200

HTTP Request

GET https://eus.rubiconproject.com/usync.js

HTTP Response

200

HTTP Request

GET https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

HTTP Response

200

HTTP Request

GET https://eus.rubiconproject.com/usync.html?p=gumgum

HTTP Response

200
172.64.143.21:443

https://s.0cf.io/

tls, http2

msedge.exe

12.2kB
56.1kB
132
110

HTTP Request

GET https://s.0cf.io/?gdpr=1&gdprConsent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&bidid=321206534-19072067-24490-0&id=191beab17e050a2&uid=

HTTP Response

200

HTTP Request

GET https://s.0cf.io/

HTTP Response

200

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Request

GET https://s.0cf.io/sw.js?id=191beab17e050a2

HTTP Response

304

HTTP Response

200

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Request

GET https://s.0cf.io/ps/?dbid=191beab17e050a2

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

200

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/sw.js?id=191beab17e050a2

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/sw.js?id=191beab17e050a2

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Request

GET https://s.0cf.io/sw.js?id=191beab17e050a2

HTTP Response

304

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/sw.js?id=191beab17e050a2

HTTP Response

304

HTTP Request

GET https://s.0cf.io/sw.js?id=191beab17e050a2

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304

HTTP Request

GET https://s.0cf.io/

HTTP Response

304
108.156.39.59:443

https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

tls, http2

msedge.exe

2.1kB
11.2kB
15
18

HTTP Request

GET https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

HTTP Response

200
52.223.40.198:443

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

tls, http2

msedge.exe

7.8kB
9.8kB
55
46

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=b39556179e&gdpr=0&gdpr_consent=

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0

HTTP Response

200
54.145.217.237:443

sync.srv.stackadapt.com

tls

msedge.exe

1.2kB
5.8kB
12
10
193.0.160.131:443

https://p.rfihub.com/cm?pub=44007&in=1

tls, http

msedge.exe

3.6kB
8.2kB
14
14

HTTP Request

GET https://p.rfihub.com/cm?pub=35683&in=1

HTTP Response

302

HTTP Request

GET https://p.rfihub.com/cm?pub=44007&in=1

HTTP Response

302
35.214.149.91:443

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_79532521-4522-4ff1-9348-e8c7e721f1ba&gdpr=0&gdpr_consent=0&us_privacy=

tls, http

msedge.exe

21.3kB
17.3kB
54
38

HTTP Request

GET https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=

HTTP Response

302

HTTP Request

GET https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=

HTTP Response

200

HTTP Request

GET https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_bafd225f-69ab-4af2-b288-ccd95597959c&gdpr=0&gdpr_consent=&us_privacy=1---

HTTP Response

200

HTTP Request

GET https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_42b4f343-c748-4a1c-af2d-c580b1cb3a8b&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

200

HTTP Request

GET https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9325befe-7c61-44f2-a2c3-d8e0df605064&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

200

HTTP Request

GET https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_b14c2044-9b0e-47c5-a311-93f487bb056b&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

302

HTTP Request

GET https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_b14c2044-9b0e-47c5-a311-93f487bb056b&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

200

HTTP Request

GET https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d60c189c-d45a-4e99-8049-15696e9ce271&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

302

HTTP Request

GET https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_d60c189c-d45a-4e99-8049-15696e9ce271&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

200

HTTP Request

GET https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_08e2a7d8-e9ec-49e3-a0d9-bbc73f0a29f4&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

200

HTTP Request

GET https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_0b60f980-b2dd-40ef-b061-b53e0d41f79e&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

200

HTTP Request

GET https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_00e8c282-3417-4f43-a7a4-9c1df91e75da&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

200

HTTP Request

GET https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2fbce7b6-2b74-4d62-a9b7-729791e5b5db&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

302

HTTP Request

GET https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_2fbce7b6-2b74-4d62-a9b7-729791e5b5db&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

200

HTTP Request

GET https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a631c396-5fc4-4378-9bc9-b31449734366&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

200

HTTP Request

GET https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d64428ec-54ce-4a48-8237-110549aba0a4&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

200

HTTP Request

GET https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_560adcd9-e34a-45f1-8e0d-6ad0ce04a047&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

302

HTTP Request

GET https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_560adcd9-e34a-45f1-8e0d-6ad0ce04a047&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

200

HTTP Request

GET https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_238c96d0-080b-464b-9819-02649520a263&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

200

HTTP Request

GET https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_113e3891-95fe-483c-bcf7-92df15b25d19&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

302

HTTP Request

GET https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_113e3891-95fe-483c-bcf7-92df15b25d19&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

200

HTTP Request

GET https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_79532521-4522-4ff1-9348-e8c7e721f1ba&gdpr=0&gdpr_consent=0&us_privacy=

HTTP Response

200
34.36.216.150:443

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent=

tls, http2

msedge.exe

4.3kB
5.2kB
18
12

HTTP Request

GET https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent=
23.215.239.190:443

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum

tls, http2

msedge.exe

2.2kB
5.4kB
17
17

HTTP Request

GET https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east

HTTP Response

301

HTTP Request

GET https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum

HTTP Response

301
18.172.153.47:443

https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D

tls, http2

msedge.exe

2.1kB
7.2kB
14
16

HTTP Request

GET https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D

HTTP Response

204
77.245.57.72:443

https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&

tls, http

msedge.exe

3.2kB
4.1kB
12
10

HTTP Request

GET https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&

HTTP Response

200
51.75.86.98:443

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

tls, http2

msedge.exe

2.7kB
4.4kB
18
15

HTTP Request

GET https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

HTTP Response

204

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403
104.18.36.155:443

https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

tls, http2

msedge.exe

16.6kB
38.2kB
127
97

HTTP Request

GET https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

HTTP Response

200

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D

HTTP Response

302

HTTP Request

GET https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D74%26uid%3D&s=184932&C=1

HTTP Response

302
81.17.55.170:443

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

tls, http2

msedge.exe

4.4kB
8.0kB
30
25

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=

HTTP Response

302

HTTP Request

GET https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

HTTP Response

302

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

HTTP Response

302

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

HTTP Request

GET https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

HTTP Response

302

HTTP Response

302

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

HTTP Response

302
52.215.125.147:443

https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

tls, http2

msedge.exe

11.5kB
36.1kB
92
83

HTTP Request

GET https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

HTTP Request

GET https://rtb.gumgum.com/usersync?b=pln&i=DBMDuObcjk7S&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

HTTP Request

GET https://rtb.gumgum.com/usersync?b=pln&i=8otcXvUY5kcY&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usersync?b=pln&i=YhKT4jHOYqxa&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usersync?b=pln&i=F1Z5hkyNbVFL&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usersync?b=pln&i=OH30ljVOIAKw&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usersync?b=pln&i=Ufy9yNPYe3PQ&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usersync?b=pln&i=ItdmU9063xnj&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

HTTP Request

GET https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usersync?b=pln&i=L0Bf73rJbi5M&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usersync?b=pln&i=izXJ73XKSLvs&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usersync?b=pln&i=SjniNnKYwa1T&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usersync?b=pln&i=ihacTQoybGWj&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usersync?b=pln&i=tZfjeiZg8Uf2&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usersync?b=pln&i=EWTUH4iT49ui&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usersync?b=pln&i=WUVYysfaqzTQ&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usersync?b=pln&i=2ZNkXBZZ5nIv&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

HTTP Response

200

HTTP Request

GET https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D15%26uid%3D

HTTP Response

200
213.19.162.80:443

https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

tls, http

msedge.exe

21.3kB
14.4kB
44
30

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://token.rubiconproject.com/khaos.json?gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&gdpr=1

HTTP Response

200
18.205.133.0:443

https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D

tls, http2

msedge.exe

2.2kB
5.3kB
14
16

HTTP Request

GET https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D

HTTP Response

204
104.18.13.192:443

https://cdn.dxkulture.com/x/sync.html

tls, http2

msedge.exe

2.4kB
7.0kB
13
11

HTTP Request

GET https://cdn.dxkulture.com/x/sync.html

HTTP Response

200
13.248.245.213:443

https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

tls, http2

msedge.exe

16.6kB
33.0kB
126
112

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

302

HTTP Request

GET https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D76%26uid%3D%24UID

HTTP Response

200
104.22.54.206:443

https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

tls, http2

msedge.exe

10.1kB
10.0kB
71
42

HTTP Request

GET https://cdn.connectad.io/connectmyusers.php?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

200

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204

HTTP Request

GET https://sync-eu.connectad.io/syncer/1?gdpr=0&consent=0&us_privacy=0&cb=https%3A//prebid.adnxs.com/pbs/v1/setuid%3Fbidder%3Dconnectad%26gdpr%3D%0%26gdpr_consent%3D0%26uid%3D86%26uid%3D

HTTP Response

204
89.207.16.204:443

prebid-match.dotomi.com

tls

msedge.exe

1.0kB
580 B
10
7
54.145.217.237:443

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

tls, http

msedge.exe

4.8kB
13.8kB
23
23

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=286

HTTP Response

302

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=

HTTP Response

302

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

HTTP Response

302
54.246.136.8:443

https://ads.servenobid.com/sync?pid=321&uid=OPTOUT

tls, http2

msedge.exe

5.1kB
12.0kB
40
33

HTTP Request

GET https://ads.servenobid.com/sync?pid=309&uid=e_bafd225f-69ab-4af2-b288-ccd95597959c

HTTP Response

200

HTTP Request

GET https://ads.servenobid.com/sync?pid=333&uid=0

HTTP Response

200

HTTP Request

GET https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=0&us_privacy=0&format=json

HTTP Response

200

HTTP Request

GET https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=0&us_privacy=0&format=json

HTTP Response

200

HTTP Request

GET https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=0&us_privacy=0&format=json

HTTP Response

200

HTTP Request

GET https://ads.servenobid.com/sync?pid=369&uid=8ef2cb38-8c36-4e69-80d6-9f685d2f2d66

HTTP Response

200

HTTP Request

GET https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA

HTTP Request

GET https://ads.servenobid.com/sync?pid=324&uid=5107433833055754450

HTTP Request

GET https://ads.servenobid.com/sync?pid=353&uid=0000EEA

HTTP Request

GET https://ads.servenobid.com/sync?pid=312&uid=0

HTTP Request

GET https://ads.servenobid.com/sync?pid=321&uid=OPTOUT

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
34.241.51.123:443

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

tls, http2

msedge.exe

5.0kB
13.2kB
50
48

HTTP Request

GET https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=

HTTP Response

200

HTTP Request

GET https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

HTTP Response

200
35.244.159.8:443

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D

tls, http2

msedge.exe

1.8kB
4.8kB
13
11

HTTP Request

GET https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
124.146.153.161:443

https://tg.socdm.com/aux/idsync?proto=gumgum

tls, http

msedge.exe

5.6kB
9.1kB
25
15

HTTP Request

GET https://tg.socdm.com/aux/idsync?proto=gumgum

HTTP Response

302

HTTP Request

GET https://tg.socdm.com/aux/idsync?proto=gumgum

HTTP Response

302

HTTP Request

GET https://tg.socdm.com/aux/idsync?proto=gumgum

HTTP Response

302

HTTP Request

GET https://tg.socdm.com/aux/idsync?proto=gumgum

HTTP Response

302
185.89.211.84:443

secure.adnxs.com

tls

msedge.exe

4.5kB
9.2kB
28
21
185.184.8.90:443

creativecdn.com

tls

msedge.exe

1.3kB
4.9kB
12
9
52.71.44.145:443

sync.ipredictive.com

tls

msedge.exe

936 B
460 B
8
7
169.197.150.8:443

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

tls, http2

msedge.exe

1.6kB
6.0kB
9
10

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
208.93.169.131:443

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

tls, http2

msedge.exe

3.5kB
10.4kB
27
27

HTTP Request

GET https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

HTTP Response

302
142.250.178.2:443

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iYWZkMjI1Zi02OWFiLTRhZjItYjI4OC1jY2Q5NTU5Nzk1OWM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

tls, http2

msedge.exe

2.0kB
7.6kB
14
17

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iYWZkMjI1Zi02OWFiLTRhZjItYjI4OC1jY2Q5NTU5Nzk1OWM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
37.157.6.233:443

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

tls, http2

msedge.exe

8.5kB
26.9kB
67
59

HTTP Request

GET https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=

HTTP Response

302

HTTP Request

GET https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=

HTTP Response

200

HTTP Request

GET https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=0

HTTP Response

200
89.207.16.204:443

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

tls, http2

msedge.exe

8.8kB
9.5kB
71
45

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204

HTTP Request

GET https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D10%26uid%3D

HTTP Response

204
50.31.142.95:443

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_b14c2044-9b0e-47c5-a311-93f487bb056b&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

tls, http

msedge.exe

5.5kB
7.7kB
20
14

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?puid=e_bafd225f-69ab-4af2-b288-ccd95597959c&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

HTTP Response

302

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_bafd225f-69ab-4af2-b288-ccd95597959c&s=2&us_privacy=1---

HTTP Response

200

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?puid=e_42b4f343-c748-4a1c-af2d-c580b1cb3a8b&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

HTTP Response

302

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9325befe-7c61-44f2-a2c3-d8e0df605064&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

HTTP Response

302

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?puid=e_b14c2044-9b0e-47c5-a311-93f487bb056b&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

HTTP Response

302
124.146.153.161:443

https://tg.socdm.com/aux/idsync?proto=gumgum

tls, http

msedge.exe

7.0kB
7.0kB
19
14

HTTP Request

GET https://tg.socdm.com/aux/idsync?proto=gumgum

HTTP Response

302

HTTP Request

GET https://tg.socdm.com/aux/idsync?proto=gumgum

HTTP Response

302

HTTP Request

GET https://tg.socdm.com/aux/idsync?proto=gumgum

HTTP Response

302

HTTP Request

GET https://tg.socdm.com/aux/idsync?proto=gumgum

HTTP Response

302
185.184.8.90:443

https://creativecdn.com/cm-notify?pi=gumgum&tc=1

tls, http2

msedge.exe

6.3kB
17.9kB
64
47

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum&tc=1

HTTP Response

200

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum&tc=1

HTTP Response

200

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum&tc=1

HTTP Response

200

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum&tc=1

HTTP Response

200

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum&tc=1

HTTP Response

200

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum&tc=1

HTTP Response

200

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum&tc=1

HTTP Response

200

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum&tc=1

HTTP Response

200

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum&tc=1

HTTP Response

200

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum&tc=1

HTTP Response

200

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum&tc=1

HTTP Response

200

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum&tc=1

HTTP Response

200

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum&tc=1

HTTP Response

200

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum&tc=1

HTTP Response

200

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=gumgum&tc=1

HTTP Response

200
185.89.211.84:443

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

tls, http2

msedge.exe

7.5kB
22.2kB
49
39

HTTP Request

GET https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

HTTP Response

307

HTTP Request

GET https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

HTTP Response

302

HTTP Request

GET https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID

HTTP Response

307

HTTP Request

GET https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj

HTTP Response

307

HTTP Request

GET https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fib.adnxs.com%2Fgetuidj

HTTP Request

GET https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

HTTP Request

GET https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj

HTTP Response

307

HTTP Response

307

HTTP Request

GET https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

HTTP Response

302

HTTP Response

302

HTTP Request

GET https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fib.adnxs.com%2Fgetuidj

HTTP Request

GET https://ib.adnxs.com/getuidj

HTTP Response

302

HTTP Response

200

HTTP Request

GET https://ib.adnxs.com/getuidj

HTTP Request

GET https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

HTTP Response

307

HTTP Response

200

HTTP Request

GET https://ib.adnxs.com/getuid?https://ib.adnxs.com/getuidj

HTTP Request

GET https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

HTTP Response

302

HTTP Request

GET https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID

HTTP Response

307

HTTP Response

302

HTTP Request

GET https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fib.adnxs.com%2Fgetuidj

HTTP Response

302

HTTP Request

GET https://ib.adnxs.com/getuidj

HTTP Response

200

HTTP Request

GET https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

HTTP Response

307

HTTP Request

GET https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

HTTP Response

302
52.71.44.145:443

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

tls, http

msedge.exe

4.7kB
8.5kB
20
16

HTTP Request

GET https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

HTTP Response

302

HTTP Request

GET https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

HTTP Response

302

HTTP Request

GET https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

HTTP Response

302

HTTP Request

GET https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

HTTP Response

302
169.197.150.8:443

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

tls, http2

msedge.exe

2.9kB
7.0kB
20
16

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

HTTP Response

200

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

HTTP Response

200

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

HTTP Response

200

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

HTTP Response

200

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
50.31.142.95:443

b1sync.zemanta.com

tls

msedge.exe

1.6kB
3.9kB
9
8
69.166.1.34:443

sync.go.sonobi.com

tls

msedge.exe

2.1kB
6.1kB
13
9
52.210.15.1:443

https://usersync.gumgum.com/usersync?b=opx&i=3a4265e0-6486-4195-9a3a-faf652bec80d&gdpr=0&gdpr_consent=0

tls, http

msedge.exe

6.3kB
8.8kB
26
25

HTTP Request

GET https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=vnt&i=11fe93da-6baf-4a17-811d-28b12186d02c

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=opx&i=a6a8c80d-a804-4dba-8189-5ffe749d0461&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sad&i=1847014831823629830

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=opx&i=3a4265e0-6486-4195-9a3a-faf652bec80d&gdpr=0&gdpr_consent=0

HTTP Response

200
52.210.15.1:443

https://usersync.gumgum.com/usersync?b=sus&i=ZfNl38Co8YIAAOd4EBsAAAAA

tls, http

msedge.exe

10.4kB
9.7kB
32
26

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sad&i=6229780957390024286

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=opx&i=a239d5dd-b4eb-4ff2-8137-e8518b0f81d3

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=apn&i=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sus&i=ZfNl28Co8YIAAOd4Do0AAAAA

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=apn&i=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=apn&i=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=apn&i=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sus&i=ZfNl38Co8YIAAOd4D-wAAAAA

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sus&i=ZfNl38Co8YIAAOd4EBsAAAAA

HTTP Response

200
52.210.15.1:443

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

tls, http

msedge.exe

3.2kB
6.7kB
19
19

HTTP Request

GET https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

HTTP Response

200
35.186.253.211:443

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D19%26uid%3D%24%7BUID%7D

tls, http2

msedge.exe

2.1kB
5.2kB
16
19

HTTP Request

GET https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D19%26uid%3D%24%7BUID%7D

HTTP Request

GET https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D19%26uid%3D%24%7BUID%7D
69.166.1.34:443

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

tls, http2

msedge.exe

3.0kB
9.7kB
26
24

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Request

GET https://sync.go.sonobi.com/us.gif?nw=st&nuid=fHKyfRAKVDZ39DwilQps_1mVFzs

HTTP Request

GET https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5141210830210547066

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200
69.166.1.34:443

sync.go.sonobi.com

tls

msedge.exe

1.6kB
6.1kB
12
9
52.210.15.1:443

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

tls, http

msedge.exe

12.3kB
9.9kB
35
25

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sad&i=9053718131989130816

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=apn&i=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=opx&i=9c16963e-5892-44cc-875a-60c67a6a1f4f&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sus&i=ZfNl-sCo8YsAALcG.k0AAAAA

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sad&i=6457097766592687760

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=opx&i=cfc69cc5-e403-4454-bf8a-aa053dfbaa1f&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sus&i=ZfNmAMCo8YsAALcG.vEAAAAA

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=apn&i=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=vnt&i=1bb208a9-71cd-441e-b433-bd2a94f46887

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sad&i=4982400275696954953

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

HTTP Response

200
46.228.174.117:443

sync.1rx.io

msedge.exe

52 B
1
52.210.15.1:443

https://usersync.gumgum.com/usersync?b=sad&i=5136342417665535719

tls, http

msedge.exe

8.9kB
8.8kB
29
24

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=vnt&i=66d637b9-bbf9-49b4-abb5-0b3ceaefdf36

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sad&i=2625197540751552148

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=vnt&i=0527c9e9-0001-4e92-b25a-2636167fd3c1

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=opx&i=3f67069a-b229-4141-b580-89f371c28b11&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sus&i=ZfNl3sCo8YIAAOd4D94AAAAA

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sad&i=5136342417665535719

HTTP Response

200
46.228.174.117:443

sync.1rx.io

tls

msedge.exe

1.6kB
6.8kB
10
10
3.71.149.231:443

ups.analytics.yahoo.com

tls, http2

msedge.exe

1.3kB
5.2kB
12
9
145.40.97.67:443

prebid.a-mo.net

tls

msedge.exe

2.3kB
4.0kB
10
11
3.71.149.231:443

https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

tls, http2

msedge.exe

7.4kB
9.2kB
74
64

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58559/occ

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58632/occ

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58448/occ?uid=191beab17e050a277%26uid%3D
145.40.97.67:443

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

tls, http2

msedge.exe

9.8kB
12.2kB
72
47

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D

HTTP Response

302

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302

HTTP Request

GET https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D81%26uid%3D

HTTP Response

302
46.228.174.117:443

https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1710450139554

tls, http2

msedge.exe

4.1kB
11.3kB
27
22

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

HTTP Request

GET https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450139161

HTTP Response

302

HTTP Response

302

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450140100

HTTP Response

302

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450141431

HTTP Response

302

HTTP Request

GET https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1710450139554

HTTP Response

302
52.18.81.199:443

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D

tls, http2

msedge.exe

2.1kB
6.7kB
15
18

HTTP Request

GET https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D

HTTP Response

204
54.92.234.85:443

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.dxkulture.com%2Fsetuid%3Fbidder%3Dzeta%26uid%3D%24UID&partner=kulturemedia

tls, http2

msedge.exe

2.0kB
6.4kB
14
13

HTTP Request

GET https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID

HTTP Request

GET https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.dxkulture.com%2Fsetuid%3Fbidder%3Dzeta%26uid%3D%24UID&partner=kulturemedia

HTTP Response

204

HTTP Response

204
54.92.234.85:443

ssp.disqus.com

tls

msedge.exe

1.1kB
6.0kB
9
9
45.55.126.71:443

https://ads.dxkulture.com/usync?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D369%26uid%3D%24UID

tls, http

msedge.exe

2.4kB
5.9kB
14
13

HTTP Request

GET https://ads.dxkulture.com/usync?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D369%26uid%3D%24UID

HTTP Response

301
45.55.126.71:443

https://ads.dxkulture.com/usync/lr.gif

tls, http

msedge.exe

1.6kB
5.8kB
10
12

HTTP Request

GET https://ads.dxkulture.com/usync/lr.gif

HTTP Response

302
18.203.108.67:443

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

tls, http2

msedge.exe

10.0kB
14.1kB
79
54

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Request

GET https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID

HTTP Response

204

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D25%26uid%3D%24UID

HTTP Response

204
18.203.108.67:443

ap.lijit.com

tls

msedge.exe

1.6kB
6.1kB
11
11
67.202.105.24:443

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

tls, http2

msedge.exe

2.4kB
7.5kB
18
18

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204
185.64.190.79:443

https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

tls, http2

msedge.exe

11.0kB
8.9kB
68
65

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200

HTTP Request

GET https://image8.pubmatic.com/AdServer/ImgSync?p=162168&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D162168%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526id%253D20%2526uid%253D%2523PMUID

HTTP Response

200
18.158.75.183:443

https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

tls, http2

msedge.exe

8.6kB
9.9kB
77
50

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204

HTTP Request

GET https://match.sharethrough.com/universal/v1?supply_id=Uj448boa

HTTP Response

204
216.200.232.253:443

https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

tls, http

msedge.exe

17.2kB
16.1kB
40
23

HTTP Request

GET https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.mathtag.com/sync/img?mt_exid=75&gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D61%26uid%3D%5BMM_UUID%5D

HTTP Response

302
23.44.232.24:443

hbx.media.net

tls, http2

msedge.exe

1.3kB
1.3kB
11
9
23.44.232.24:443

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

tls, http2

msedge.exe

7.3kB
15.6kB
54
65

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

HTTP Response

302

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

HTTP Response

302

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=1&gdpr_consent=CP7dmwAP7dmwAEsACBENArEgAAAAAEPgAAQAAAAR2QD2F2a2kKFkPCuQWYIQBCyjaEAhQBgAAkCBIAAgAUgQAgFIIAgAJFAAEAAMAAAQEgCQAAQABAAAIACgAAAAACIAAAAAAAQQAAAAAIAAAAAAAAEAAAAAAAQAAAAIIABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAIAAA.YAAAAAAAAAA&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E

HTTP Response

302

HTTP Response

302

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

HTTP Response

302

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

HTTP Response

302

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

HTTP Response

302

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

HTTP Response

302

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

HTTP Response

302

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

HTTP Response

302

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

HTTP Response

302

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

HTTP Response

302

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

HTTP Response

302

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

HTTP Response

302

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

HTTP Response

302

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=0&us_privacy=0&redirect=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D88%26uid%3D%3Cvsid%3E

HTTP Response

302
213.19.162.71:443

https://prebid-server.rubiconproject.com/getuids

tls, http

msedge.exe

4.1kB
5.9kB
17
20

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200
213.19.162.71:443

https://prebid-server.rubiconproject.com/getuids

tls, http

msedge.exe

6.9kB
3.6kB
23
18

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200
52.210.15.1:443

https://usersync.gumgum.com/usersync?b=vnt&i=eb79bc10-a9ac-4daf-af96-5ff1796862b7

tls, http

msedge.exe

1.9kB
6.6kB
14
17

HTTP Request

GET https://usersync.gumgum.com/usersync?b=vnt&i=eb79bc10-a9ac-4daf-af96-5ff1796862b7

HTTP Response

200
69.166.1.34:443

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

tls, http2

msedge.exe

2.5kB
1.6kB
13
10

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200
104.21.49.210:443

https://dblksync.dblks.net/dblksync/

tls, http2

msedge.exe

2.1kB
13.9kB
20
22

HTTP Request

GET https://dblksync.dblks.net/dblksync/

HTTP Response

200
35.244.174.68:443

idsync.rlcdn.com

tls, http2

msedge.exe

1.1kB
1.0kB
9
5
35.244.174.68:443

https://idsync.rlcdn.com/712910.gif?partner_uid=2fe71f95-f992-4311-8df2-794ceaa27aab

tls, http2

msedge.exe

2.4kB
8.2kB
15
14

HTTP Request

GET https://idsync.rlcdn.com/712910.gif?partner_uid=2fe71f95-f992-4311-8df2-794ceaa27aab
54.145.217.237:443

sync.srv.stackadapt.com

tls

msedge.exe

1.3kB
6.1kB
14
15
69.166.1.34:443

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

tls, http2

msedge.exe

2.9kB
2.4kB
20
13

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200
51.75.86.98:443

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

tls, http2

msedge.exe

7.3kB
4.7kB
58
35

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D

HTTP Response

403

HTTP Request

GET https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A//ps.0cf.io/%3Fonetag%3D%24%7BUSER_TOKEN%7D84%26uid%3D
67.202.105.24:443

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

tls, http2

msedge.exe

3.5kB
1.6kB
24
15

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204
46.228.174.117:443

sync.1rx.io

tls

msedge.exe

799 B
132 B
6
3
46.228.174.117:443

https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450175472

tls, http2

msedge.exe

3.7kB
10.5kB
27
20

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450173735

HTTP Response

302

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450174620

HTTP Response

302

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450175472

HTTP Response

302
208.93.169.131:443

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

tls, http2

msedge.exe

3.6kB
6.6kB
26
20

HTTP Request

GET https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

HTTP Request

GET https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

HTTP Response

302
81.17.55.122:443

ssbsync-global.smartadserver.com

tls

msedge.exe

1.0kB
1.6kB
9
5
50.31.142.95:443

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_00e8c282-3417-4f43-a7a4-9c1df91e75da&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

tls, http

msedge.exe

5.7kB
6.2kB
18
13

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d60c189c-d45a-4e99-8049-15696e9ce271&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

HTTP Response

302

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?puid=e_08e2a7d8-e9ec-49e3-a0d9-bbc73f0a29f4&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

HTTP Response

302

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?puid=e_0b60f980-b2dd-40ef-b061-b53e0d41f79e&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

HTTP Response

302

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?puid=e_00e8c282-3417-4f43-a7a4-9c1df91e75da&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

HTTP Response

302
69.166.1.34:443

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

tls, http2

msedge.exe

2.5kB
1.9kB
15
12

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200
81.17.55.122:443

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

tls, http2

msedge.exe

2.5kB
6.6kB
18
16

HTTP Request

GET https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

HTTP Response

302

HTTP Request

GET https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

HTTP Response

302

HTTP Request

GET https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

HTTP Response

302
54.145.217.237:443

sync.srv.stackadapt.com

tls

msedge.exe

988 B
460 B
9
7
52.71.44.145:443

sync.ipredictive.com

tls

msedge.exe

3.3kB
500 B
15
8
81.17.55.170:443

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

tls, http2

msedge.exe

3.2kB
2.6kB
19
17

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

HTTP Response

302
54.145.217.237:443

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

tls, http

msedge.exe

4.1kB
12.3kB
21
20

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

HTTP Response

302
52.71.44.145:443

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

tls, http

msedge.exe

5.5kB
9.2kB
22
17

HTTP Request

GET https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

HTTP Response

302

HTTP Request

GET https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

HTTP Response

302

HTTP Request

GET https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

HTTP Response

302

HTTP Request

GET https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

HTTP Response

302
52.210.15.1:443

https://usersync.gumgum.com/usersync?b=opx&i=83bd776a-d624-446f-94ad-f3204e39e0d0&gdpr=0&gdpr_consent=0

tls, http

msedge.exe

11.2kB
10.7kB
34
31

HTTP Request

GET https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=vnt&i=d22982e6-1841-4d86-8590-f97f2deed684

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sus&i=ZfNmAcCo8YsAALcG.zcAAAAA

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=vnt&i=e7d38da1-fadb-449b-a2d6-e45d17d4228d

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=opx&i=b7809852-e5d8-4d7d-890f-f7a17642baec&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sad&i=4310997695062453897

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=vnt&i=7a4e0d22-1f4f-48cc-9d70-898b7e03d9f1

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=opx&i=83bd776a-d624-446f-94ad-f3204e39e0d0&gdpr=0&gdpr_consent=0

HTTP Response

200
169.197.150.8:443

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

tls, http2

msedge.exe

4.3kB
8.0kB
37
27

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

HTTP Response

200

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

HTTP Response

200

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

HTTP Response

200

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

HTTP Response

200

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

HTTP Response

200

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

HTTP Response

200

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

HTTP Response

200

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

HTTP Response

200

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

HTTP Response

200

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

HTTP Response

200

HTTP Request

GET https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

HTTP Response

200
50.31.142.95:443

b1sync.zemanta.com

tls

msedge.exe

1.0kB
3.9kB
8
8
52.210.15.1:443

https://usersync.gumgum.com/usersync?b=sus&i=ZfNmA8Co8YsAALcG..oAAAAA

tls, http

msedge.exe

5.9kB
7.6kB
22
21

HTTP Request

GET https://usersync.gumgum.com/usersync?b=apn&i=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=apn&i=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sus&i=ZfNmA8Co8YsAALcG..oAAAAA

HTTP Response

200
46.228.174.117:443

sync.1rx.io

tls

msedge.exe

1.6kB
6.8kB
10
10
52.210.15.1:443

https://usersync.gumgum.com/usersync?b=opx&i=a4b4a695-1822-4dd5-89ba-edd5aedfec05&gdpr=0&gdpr_consent=0

tls, http

msedge.exe

8.4kB
9.4kB
31
26

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sad&i=6376218296843874213

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sus&i=ZfNmHcCo5sEAAFcQrhQAAAAA

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=apn&i=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=vnt&i=d2bf796b-9d2e-4fe1-acb0-8d80710624af

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=vnt&i=e4f8a2a7-8915-4836-92da-a15e92cb5e3f

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=opx&i=a4b4a695-1822-4dd5-89ba-edd5aedfec05&gdpr=0&gdpr_consent=0

HTTP Response

200
52.210.15.1:443

https://usersync.gumgum.com/usersync?b=sus&i=ZfNmJMCo5sEAAFcQsLEAAAAA

tls, http

msedge.exe

9.7kB
9.4kB
32
25

HTTP Request

GET https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=vnt&i=ca6d87e0-e4ea-4d7c-898d-fe74a7f8fc64

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=apn&i=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=apn&i=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sus&i=ZfNmJMCo5sEAAFcQsLEAAAAA

HTTP Response

200
69.166.1.34:443

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

tls, http2

msedge.exe

1.7kB
1.2kB
10
8

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200
52.210.15.1:443

https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

tls, http

msedge.exe

7.7kB
9.2kB
28
27

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sus&i=ZfNmG8Co5sEAAFcQrYAAAAAA

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=opx&i=07a440bb-02b8-4a8e-b5ca-3d0a91b668de&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=opx&i=f73ea143-ace6-4b70-8d9c-d1fca85da750&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=vnt&i=186ac31b-48ee-4396-bbc4-45d116fd0ecd

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sad&i=6568365070558539633

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

HTTP Response

200
213.19.162.71:443

https://prebid-server.rubiconproject.com/getuids

tls, http

msedge.exe

8.4kB
9.1kB
31
33

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200
69.166.1.34:443

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

tls, http2

msedge.exe

3.0kB
3.8kB
23
13

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200
67.202.105.24:443

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

tls, http2

msedge.exe

4.7kB
2.5kB
34
23

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204
208.93.169.131:443

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

tls, http2

msedge.exe

4.6kB
8.3kB
34
26

HTTP Request

GET https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

HTTP Request

GET https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

HTTP Response

302
81.17.55.122:443

ssbsync-global.smartadserver.com

tls

msedge.exe

1.0kB
1.6kB
8
5
211.120.53.204:443

https://tg.socdm.com/aux/idsync?proto=gumgum

tls, http

msedge.exe

5.1kB
9.3kB
19
17

HTTP Request

GET https://tg.socdm.com/aux/idsync?proto=gumgum

HTTP Response

302

HTTP Request

GET https://tg.socdm.com/aux/idsync?proto=gumgum

HTTP Response

302

HTTP Request

GET https://tg.socdm.com/aux/idsync?proto=gumgum

HTTP Response

302

HTTP Request

GET https://tg.socdm.com/aux/idsync?proto=gumgum

HTTP Response

302

HTTP Request

GET https://tg.socdm.com/aux/idsync?proto=gumgum

HTTP Response

302
37.252.171.149:443

secure.adnxs.com

tls

msedge.exe

3.3kB
84 B
5
2
54.166.93.240:443

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

tls, http

msedge.exe

5.5kB
14.0kB
25
24

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

HTTP Response

302
52.71.44.145:443

sync.ipredictive.com

tls

msedge.exe

988 B
460 B
9
7
64.74.236.95:443

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a631c396-5fc4-4378-9bc9-b31449734366&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

tls, http

msedge.exe

4.3kB
5.0kB
14
10

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?puid=e_2fbce7b6-2b74-4d62-a9b7-729791e5b5db&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

HTTP Response

302

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a631c396-5fc4-4378-9bc9-b31449734366&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

HTTP Response

302
81.17.55.109:443

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

tls, http

msedge.exe

6.8kB
7.0kB
23
17

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

HTTP Response

302
211.120.53.204:443

https://tg.socdm.com/aux/idsync?proto=gumgum

tls, http

msedge.exe

2.5kB
5.3kB
10
8

HTTP Request

GET https://tg.socdm.com/aux/idsync?proto=gumgum

HTTP Response

302

HTTP Request

GET https://tg.socdm.com/aux/idsync?proto=gumgum

HTTP Response

302
52.71.44.145:443

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

tls, http

msedge.exe

7.2kB
9.9kB
24
18

HTTP Request

GET https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

HTTP Response

302

HTTP Request

GET https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

HTTP Response

302

HTTP Request

GET https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

HTTP Response

302

HTTP Request

GET https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

HTTP Response

302

HTTP Request

GET https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

HTTP Response

302
37.252.171.149:443

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

tls, http2

msedge.exe

4.6kB
16.2kB
33
27

HTTP Request

GET https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

HTTP Response

307

HTTP Request

GET https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

HTTP Response

302

HTTP Request

GET https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

HTTP Response

307

HTTP Request

GET https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

HTTP Request

GET https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

HTTP Response

307

HTTP Response

302

HTTP Request

GET https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

HTTP Response

302

HTTP Request

GET https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

HTTP Response

307

HTTP Request

GET https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

HTTP Response

302

HTTP Request

GET https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

HTTP Response

307

HTTP Request

GET https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

HTTP Response

302
81.17.55.122:443

ssbsync-global.smartadserver.com

tls

msedge.exe

983 B
1.7kB
7
6
34.247.233.198:443

https://usersync.gumgum.com/usersync?b=apn&i=0

tls, http

msedge.exe

4.8kB
8.0kB
26
19

HTTP Request

GET https://usersync.gumgum.com/usersync?b=apn&i=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sad&i=8431864793752252163

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=apn&i=0

HTTP Response

200
34.247.233.198:443

https://usersync.gumgum.com/usersync?b=vnt&i=cb278e13-91dc-4b26-92f1-69cb0333291c

tls, http

msedge.exe

2.8kB
6.8kB
20
15

HTTP Request

GET https://usersync.gumgum.com/usersync?b=opx&i=7b5d8a99-c504-47c6-94f3-b26b296267bb&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=vnt&i=cb278e13-91dc-4b26-92f1-69cb0333291c

HTTP Response

200
34.247.233.198:443

https://usersync.gumgum.com/usersync?b=sad&i=4408395789420310522

tls, http

msedge.exe

6.8kB
7.9kB
24
21

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sus&i=ZfNmHcCo5sEAAFcQrjIAAAAA

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sad&i=6822015247670947740

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=opx&i=9c44422c-1b7a-4311-a07b-f6946153f683&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sus&i=ZfNmIcCo5sEAAFcQr6IAAAAA

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sad&i=4408395789420310522

HTTP Response

200
46.228.174.117:443

https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450204355

tls, http2

msedge.exe

2.2kB
8.0kB
15
14

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450204355

HTTP Response

302
81.17.55.122:443

ssbsync-global.smartadserver.com

tls

msedge.exe

909 B
1.6kB
8
5
35.214.149.91:443

x.bidswitch.net

tls

msedge.exe

934 B
5.6kB
7
8
64.74.236.95:443

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_238c96d0-080b-464b-9819-02649520a263&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

tls, http

msedge.exe

4.5kB
6.2kB
18
13

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d64428ec-54ce-4a48-8237-110549aba0a4&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

HTTP Response

302

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?puid=e_560adcd9-e34a-45f1-8e0d-6ad0ce04a047&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

HTTP Response

302

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?puid=e_238c96d0-080b-464b-9819-02649520a263&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

HTTP Response

302
69.166.1.34:443

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

tls, http2

msedge.exe

1.8kB
1.3kB
12
10

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200
69.166.1.34:443

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

tls, http2

msedge.exe

2.8kB
2.6kB
16
13

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200
81.17.55.122:443

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

tls, http2

msedge.exe

2.6kB
6.1kB
21
18

HTTP Request

GET https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

HTTP Response

302

HTTP Request

GET https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

HTTP Response

302

HTTP Request

GET https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

HTTP Response

302
46.228.174.117:443

https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450209745

tls, http2

msedge.exe

2.3kB
8.0kB
17
14

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450209745

HTTP Response

302
69.166.1.34:443

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

tls, http2

msedge.exe

1.9kB
2.4kB
15
13

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200
172.67.74.152:80

http://api.ipify.org/

http

UnbanMe.exe

269 B
400 B
5
4

HTTP Request

GET http://api.ipify.org/

HTTP Response

200
172.67.74.152:80

http://api.ipify.org/

http

UnbanMe.exe

269 B
400 B
5
4

HTTP Request

GET http://api.ipify.org/

HTTP Response

200
172.67.74.152:80

http://api.ipify.org/

http

UnbanMe.exe

269 B
400 B
5
4

HTTP Request

GET http://api.ipify.org/

HTTP Response

200
213.19.162.71:443

https://prebid-server.rubiconproject.com/getuids

tls, http

msedge.exe

9.0kB
8.2kB
29
26

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200

HTTP Request

GET https://prebid-server.rubiconproject.com/getuids

HTTP Response

200
69.166.1.34:443

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

tls, http2

msedge.exe

2.1kB
1.9kB
15
12

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D
67.202.105.24:443

https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

tls, http2

msedge.exe

3.5kB
1.6kB
23
14

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X

HTTP Response

204

HTTP Request

GET https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D1%26uid%3D33XUSERID33X
69.166.1.34:443

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

tls, http2

msedge.exe

2.0kB
1.8kB
15
11

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200
46.228.174.117:443

https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450234418

tls, http2

msedge.exe

2.3kB
8.0kB
17
15

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450234418

HTTP Response

302
37.252.171.149:443

https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

tls, http2

msedge.exe

3.4kB
7.2kB
16
14

HTTP Request

GET https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

HTTP Response

307

HTTP Request

GET https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

HTTP Response

302

HTTP Request

GET https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

HTTP Response

307

HTTP Request

GET https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID

HTTP Response

302
54.166.93.240:443

sync.srv.stackadapt.com

tls

msedge.exe

798 B
309 B
5
4
64.74.236.95:443

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_79532521-4522-4ff1-9348-e8c7e721f1ba&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

tls, http

msedge.exe

2.9kB
5.6kB
12
8

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?puid=e_113e3891-95fe-483c-bcf7-92df15b25d19&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

HTTP Response

302

HTTP Request

GET https://b1sync.zemanta.com/usersync/gumgum/?puid=e_79532521-4522-4ff1-9348-e8c7e721f1ba&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

HTTP Response

302
52.71.44.145:443

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

tls, http

msedge.exe

3.5kB
7.1kB
11
10

HTTP Request

GET https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

HTTP Response

302

HTTP Request

GET https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

HTTP Response

302
208.93.169.131:443

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

tls, http2

msedge.exe

2.9kB
4.7kB
19
16

HTTP Request

GET https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

HTTP Request

GET https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

HTTP Response

302

HTTP Request

GET https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D21%26uid%3D%25%25VGUID%25%25

HTTP Response

302
81.17.55.109:443

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

tls, http2

msedge.exe

3.5kB
6.9kB
22
19

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

HTTP Response

302

HTTP Request

GET https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

HTTP Response

302

HTTP Request

GET https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

HTTP Response

302

HTTP Request

GET https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D82%26uid%3D%5Bssb_sync_pid%5D

HTTP Response

302
34.247.233.198:443

https://usersync.gumgum.com/usersync?b=sus&i=ZfNmPsCo5sMAAJYh6ysAAAAA

tls, http

msedge.exe

7.5kB
8.6kB
21
20

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sus&i=ZfNmO8Co5sMAAJYh6woAAAAA

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sad&i=1546519162945908492

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=apn&i=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=opx&i=3db707c6-58d1-42a6-b587-6216f1d70504&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=vnt&i=b8e73281-9e5d-44f1-9dd1-d21f13c3037c

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sus&i=ZfNmPsCo5sMAAJYh6ysAAAAA

HTTP Response

200
54.166.93.240:443

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

tls, http

msedge.exe

3.8kB
9.1kB
14
14

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

HTTP Response

302

HTTP Request

GET https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0

HTTP Response

302
34.247.233.198:443

https://usersync.gumgum.com/usersync?b=vnt&i=57712d8d-2263-447c-b696-16133d4c1133

tls, http

msedge.exe

5.3kB
8.1kB
19
20

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sad&i=2945505064837033728

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=apn&i=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=opx&i=4aebdae4-a064-4a9c-b1fe-ba84311e8bfa&gdpr=0&gdpr_consent=0

HTTP Response

200

HTTP Request

GET https://usersync.gumgum.com/usersync?b=vnt&i=57712d8d-2263-447c-b696-16133d4c1133

HTTP Response

200
34.247.233.198:443

https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

tls, http

msedge.exe

1.7kB
6.4kB
10
13

HTTP Request

GET https://usersync.gumgum.com/usersync?b=sta&i=0-7c72b27d-100a-5436-77f4-3c22950a6cff$ip$89.149.23.59

HTTP Response

200
69.166.1.34:443

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

tls, http2

msedge.exe

1.9kB
1.4kB
13
11

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D
34.247.233.198:443

usersync.gumgum.com

tls

msedge.exe

943 B
6.1kB
8
12
69.166.1.34:443

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

tls, http2

msedge.exe

1.9kB
1.9kB
13
12

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200

HTTP Request

GET https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D26%26uid%3D%5BUID%5D

HTTP Response

200
46.228.174.117:443

https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450241072

tls, http2

msedge.exe

2.1kB
7.9kB
13
12

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D

HTTP Response

302

HTTP Request

GET https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3D191beab17e050a2%26id%3D22%26uid%3D%5BRX_UUID%5D&cb=1710450241072

HTTP Response

302
69.166.1.34:443

sync.go.sonobi.com

tls

msedge.exe

655 B
52 B
3
1

8.8.8.8:53

www.unknowncheats.me

dns

msedge.exe

66 B
114 B
1
1

DNS Request

www.unknowncheats.me

DNS Response

104.26.12.251

104.26.13.251

172.67.73.40
8.8.8.8:53

68.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

68.159.190.20.in-addr.arpa
8.8.8.8:53

251.12.26.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

251.12.26.104.in-addr.arpa
8.8.8.8:53

13.86.106.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

13.86.106.20.in-addr.arpa
8.8.8.8:53

240.221.184.93.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

240.221.184.93.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

cdn.adligature.com

dns

msedge.exe

64 B
96 B
1
1

DNS Request

cdn.adligature.com

DNS Response

188.114.96.2

188.114.97.2
8.8.8.8:53

apps.identrust.com

dns

msedge.exe

128 B
165 B
2
1

DNS Request

apps.identrust.com

DNS Request

apps.identrust.com

DNS Response

96.17.179.205

96.17.179.184
8.8.8.8:53

2.96.114.188.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

2.96.114.188.in-addr.arpa
8.8.8.8:53

pro.ip-api.com

dns

msedge.exe

120 B
76 B
2
1

DNS Request

pro.ip-api.com

DNS Request

pro.ip-api.com

DNS Response

208.95.112.2
8.8.8.8:53

232.179.250.142.in-addr.arpa

dns

148 B
112 B
2
1

DNS Request

232.179.250.142.in-addr.arpa

DNS Request

232.179.250.142.in-addr.arpa
8.8.8.8:53

238.16.217.172.in-addr.arpa

dns

146 B
142 B
2
1

DNS Request

238.16.217.172.in-addr.arpa

DNS Request

238.16.217.172.in-addr.arpa
8.8.8.8:53

205.179.17.96.in-addr.arpa

dns

144 B
137 B
2
1

DNS Request

205.179.17.96.in-addr.arpa

DNS Request

205.179.17.96.in-addr.arpa
8.8.8.8:53

securepubads.g.doubleclick.net

dns

msedge.exe

76 B
121 B
1
1

DNS Request

securepubads.g.doubleclick.net

DNS Response

172.217.169.34
8.8.8.8:53

ajax.googleapis.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

142.250.187.202
8.8.8.8:53

c.amazon-adsystem.com

dns

msedge.exe

67 B
126 B
1
1

DNS Request

c.amazon-adsystem.com

DNS Response

13.224.223.9
8.8.8.8:53

9.223.224.13.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

9.223.224.13.in-addr.arpa
8.8.8.8:53

34.169.217.172.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

34.169.217.172.in-addr.arpa
8.8.8.8:53

202.187.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

202.187.250.142.in-addr.arpa
224.0.0.251:5353

msedge.exe

600 B
9
8.8.8.8:53

2.112.95.208.in-addr.arpa

dns

71 B
144 B
1
1

DNS Request

2.112.95.208.in-addr.arpa
172.217.169.34:443

securepubads.g.doubleclick.net

https

msedge.exe

3.1kB
6.5kB
5
7
8.8.8.8:53

idrs.adtelligent.com

dns

msedge.exe

66 B
82 B
1
1

DNS Request

idrs.adtelligent.com

DNS Response

62.149.0.74
8.8.8.8:53

us-central1-wrapper-analytics-prod.cloudfunctions.net

dns

msedge.exe

99 B
115 B
1
1

DNS Request

us-central1-wrapper-analytics-prod.cloudfunctions.net

DNS Response

216.239.36.54
8.8.8.8:53

id5-sync.com

dns

msedge.exe

58 B
218 B
1
1

DNS Request

id5-sync.com

DNS Response

162.19.138.83

162.19.138.120

162.19.138.119

162.19.138.116

162.19.138.118

141.95.98.64

162.19.138.117

162.19.138.82

141.95.33.120

141.95.98.65
8.8.8.8:53

gum.criteo.com

dns

msedge.exe

60 B
107 B
1
1

DNS Request

gum.criteo.com

DNS Response

178.250.1.11
8.8.8.8:53

id.a-mx.com

dns

msedge.exe

57 B
89 B
1
1

DNS Request

id.a-mx.com

DNS Response

79.127.227.46

79.127.216.47
8.8.8.8:53

tagan.adlightning.com

dns

msedge.exe

67 B
131 B
1
1

DNS Request

tagan.adlightning.com

DNS Response

216.137.44.72

216.137.44.76

216.137.44.108

216.137.44.59
8.8.8.8:53

fundingchoicesmessages.google.com

dns

msedge.exe

79 B
116 B
1
1

DNS Request

fundingchoicesmessages.google.com

DNS Response

172.217.16.238
8.8.8.8:53

config.aps.amazon-adsystem.com

dns

msedge.exe

76 B
140 B
1
1

DNS Request

config.aps.amazon-adsystem.com

DNS Response

52.84.90.40

52.84.90.106

52.84.90.126

52.84.90.86
8.8.8.8:53

aax.amazon-adsystem.com

dns

msedge.exe

69 B
201 B
1
1

DNS Request

aax.amazon-adsystem.com

DNS Response

18.155.122.233
8.8.8.8:53

6.39.156.108.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

6.39.156.108.in-addr.arpa
8.8.8.8:53

54.36.239.216.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

54.36.239.216.in-addr.arpa
8.8.8.8:53

11.1.250.178.in-addr.arpa

dns

71 B
125 B
1
1

DNS Request

11.1.250.178.in-addr.arpa
8.8.8.8:53

72.44.137.216.in-addr.arpa

dns

72 B
129 B
1
1

DNS Request

72.44.137.216.in-addr.arpa
8.8.8.8:53

46.227.127.79.in-addr.arpa

dns

72 B
118 B
1
1

DNS Request

46.227.127.79.in-addr.arpa
8.8.8.8:53

83.138.19.162.in-addr.arpa

dns

72 B
113 B
1
1

DNS Request

83.138.19.162.in-addr.arpa
8.8.8.8:53

cdn.id5-sync.com

dns

msedge.exe

62 B
110 B
1
1

DNS Request

cdn.id5-sync.com

DNS Response

104.22.52.86

172.67.38.106

104.22.53.86
8.8.8.8:53

cdn.hadronid.net

dns

msedge.exe

62 B
110 B
1
1

DNS Request

cdn.hadronid.net

DNS Response

104.22.52.173

104.22.53.173

172.67.36.110
8.8.8.8:53

tags.crwdcntrl.net

dns

msedge.exe

204 B
259 B
3
2

DNS Request

tags.crwdcntrl.net

DNS Response

18.245.143.83

18.245.143.58

18.245.143.100

18.245.143.118

DNS Request

1.15.210.52.in-addr.arpa

DNS Request

1.15.210.52.in-addr.arpa
8.8.8.8:53

lb.eu-1-id5-sync.com

dns

msedge.exe

132 B
452 B
2
2

DNS Request

lb.eu-1-id5-sync.com

DNS Request

lb.eu-1-id5-sync.com

DNS Response

162.19.138.117

141.95.98.64

162.19.138.120

141.95.33.120

162.19.138.83

162.19.138.119

162.19.138.118

141.95.98.65

162.19.138.82

162.19.138.116

DNS Response

162.19.138.117

141.95.98.64

162.19.138.120

141.95.33.120

162.19.138.83

162.19.138.119

162.19.138.118

141.95.98.65

162.19.138.82

162.19.138.116
8.8.8.8:53

bcp.crwdcntrl.net

dns

msedge.exe

126 B
382 B
2
2

DNS Request

bcp.crwdcntrl.net

DNS Request

bcp.crwdcntrl.net

DNS Response

54.155.211.205

34.252.235.9

54.220.33.129

54.72.51.53

54.194.222.229

54.72.96.86

52.211.239.186

52.31.251.249

DNS Response

52.211.239.186

54.194.222.229

52.31.251.249

52.212.53.200

34.252.235.9

54.155.211.205

54.72.51.53

54.220.33.129
8.8.8.8:53

id.hadron.ad.gt

dns

msedge.exe

122 B
314 B
2
2

DNS Request

id.hadron.ad.gt

DNS Request

id.hadron.ad.gt

DNS Response

104.22.4.69

104.22.5.69

172.67.23.234

DNS Response

104.22.5.69

172.67.23.234

104.22.4.69
216.239.36.54:443

us-central1-wrapper-analytics-prod.cloudfunctions.net

https

msedge.exe

5.6kB
11.1kB
31
30
8.8.8.8:53

a.nel.cloudflare.com

dns

msedge.exe

132 B
164 B
2
2

DNS Request

a.nel.cloudflare.com

DNS Request

a.nel.cloudflare.com

DNS Response

35.190.80.1

DNS Response

35.190.80.1
8.8.8.8:53

40.90.84.52.in-addr.arpa

dns

140 B
250 B
2
2

DNS Request

40.90.84.52.in-addr.arpa

DNS Request

40.90.84.52.in-addr.arpa
8.8.8.8:53

233.122.155.18.in-addr.arpa

dns

146 B
262 B
2
2

DNS Request

233.122.155.18.in-addr.arpa

DNS Request

233.122.155.18.in-addr.arpa
8.8.8.8:53

74.0.149.62.in-addr.arpa

dns

140 B
238 B
2
2

DNS Request

74.0.149.62.in-addr.arpa

DNS Request

74.0.149.62.in-addr.arpa
8.8.8.8:53

83.143.245.18.in-addr.arpa

dns

144 B
256 B
2
2

DNS Request

83.143.245.18.in-addr.arpa

DNS Request

83.143.245.18.in-addr.arpa
8.8.8.8:53

173.52.22.104.in-addr.arpa

dns

144 B
268 B
2
2

DNS Request

173.52.22.104.in-addr.arpa

DNS Request

173.52.22.104.in-addr.arpa
8.8.8.8:53

86.52.22.104.in-addr.arpa

dns

142 B
266 B
2
2

DNS Request

86.52.22.104.in-addr.arpa

DNS Request

86.52.22.104.in-addr.arpa
8.8.8.8:53

117.138.19.162.in-addr.arpa

dns

366 B
397 B
4
3

DNS Request

117.138.19.162.in-addr.arpa

DNS Request

117.138.19.162.in-addr.arpa

DNS Request

48e143e2b4cf63ba0296ab04ca42ed77.safeframe.googlesyndication.com

DNS Request

48e143e2b4cf63ba0296ab04ca42ed77.safeframe.googlesyndication.com

DNS Response

216.58.204.65
8.8.8.8:53

205.211.155.54.in-addr.arpa

dns

270 B
589 B
4
3

DNS Request

205.211.155.54.in-addr.arpa

DNS Request

205.211.155.54.in-addr.arpa

DNS Request

secure.adnxs.com

DNS Request

secure.adnxs.com

DNS Response

185.89.211.84

185.89.210.180

185.89.210.46

185.89.210.244

185.89.210.153

185.89.210.122

185.89.211.116

185.89.211.12

185.89.210.90

185.89.210.212

185.89.210.141

185.89.210.20
8.8.8.8:53

1.80.190.35.in-addr.arpa

dns

140 B
240 B
2
2

DNS Request

1.80.190.35.in-addr.arpa

DNS Request

1.80.190.35.in-addr.arpa
8.8.8.8:53

69.4.22.104.in-addr.arpa

dns

140 B
264 B
2
2

DNS Request

69.4.22.104.in-addr.arpa

DNS Request

69.4.22.104.in-addr.arpa
35.190.80.1:443

a.nel.cloudflare.com

https

msedge.exe

4.0kB
4.0kB
7
8
8.8.8.8:53

a.ad.gt

dns

msedge.exe

106 B
282 B
2
2

DNS Request

a.ad.gt

DNS Request

a.ad.gt

DNS Response

104.22.5.69

104.22.4.69

172.67.23.234

DNS Response

104.22.5.69

172.67.23.234

104.22.4.69
8.8.8.8:53

10.180.250.142.in-addr.arpa

dns

146 B
112 B
2
1

DNS Request

10.180.250.142.in-addr.arpa

DNS Request

10.180.250.142.in-addr.arpa
8.8.8.8:53

227.179.250.142.in-addr.arpa

dns

148 B
112 B
2
1

DNS Request

227.179.250.142.in-addr.arpa

DNS Request

227.179.250.142.in-addr.arpa
8.8.8.8:53

69.5.22.104.in-addr.arpa

dns

140 B
132 B
2
1

DNS Request

69.5.22.104.in-addr.arpa

DNS Request

69.5.22.104.in-addr.arpa
8.8.8.8:53

65.204.58.216.in-addr.arpa

dns

72 B
169 B
1
1

DNS Request

65.204.58.216.in-addr.arpa
8.8.8.8:53

tpc.googlesyndication.com

dns

msedge.exe

142 B
174 B
2
2

DNS Request

tpc.googlesyndication.com

DNS Request

tpc.googlesyndication.com

DNS Response

216.58.212.193

DNS Response

216.58.212.193
8.8.8.8:53

assets.revcontent.com

dns

msedge.exe

134 B
262 B
2
2

DNS Request

assets.revcontent.com

DNS Request

assets.revcontent.com

DNS Response

18.245.218.56

18.245.218.76

18.245.218.9

18.245.218.24

DNS Response

18.245.218.56

18.245.218.76

18.245.218.9

18.245.218.24
216.58.212.193:443

tpc.googlesyndication.com

https

msedge.exe

5.2kB
27.2kB
29
34
8.8.8.8:53

2.169.217.172.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

2.169.217.172.in-addr.arpa
8.8.8.8:53

193.212.58.216.in-addr.arpa

dns

146 B
342 B
2
2

DNS Request

193.212.58.216.in-addr.arpa

DNS Request

193.212.58.216.in-addr.arpa
8.8.8.8:53

56.218.245.18.in-addr.arpa

dns

72 B
128 B
1
1

DNS Request

56.218.245.18.in-addr.arpa
8.8.8.8:53

ads.pubmatic.com

dns

msedge.exe

124 B
145 B
2
1

DNS Request

ads.pubmatic.com

DNS Request

ads.pubmatic.com

DNS Response

96.16.109.9
8.8.8.8:53

trends.revcontent.com

dns

msedge.exe

134 B
198 B
2
2

DNS Request

trends.revcontent.com

DNS Request

trends.revcontent.com

DNS Response

52.31.85.16

63.33.0.55

DNS Response

52.31.85.16

63.33.0.55
8.8.8.8:53

228.249.119.40.in-addr.arpa

dns

146 B
318 B
2
2

DNS Request

228.249.119.40.in-addr.arpa

DNS Request

228.249.119.40.in-addr.arpa
8.8.8.8:53

9.109.16.96.in-addr.arpa

dns

140 B
266 B
2
2

DNS Request

9.109.16.96.in-addr.arpa

DNS Request

9.109.16.96.in-addr.arpa
8.8.8.8:53

yeet.revcontent.com

dns

msedge.exe

130 B
194 B
2
2

DNS Request

yeet.revcontent.com

DNS Request

yeet.revcontent.com

DNS Response

63.33.0.55

52.31.85.16

DNS Response

52.31.85.16

63.33.0.55
8.8.8.8:53

images.revcontent.com

dns

msedge.exe

134 B
262 B
2
2

DNS Request

images.revcontent.com

DNS Request

images.revcontent.com

DNS Response

143.204.176.129

143.204.176.113

143.204.176.4

143.204.176.97

DNS Response

143.204.176.129

143.204.176.113

143.204.176.4

143.204.176.97
8.8.8.8:53

16.85.31.52.in-addr.arpa

dns

140 B
262 B
2
2

DNS Request

16.85.31.52.in-addr.arpa

DNS Request

16.85.31.52.in-addr.arpa
8.8.8.8:53

129.176.204.143.in-addr.arpa

dns

148 B
266 B
2
2

DNS Request

129.176.204.143.in-addr.arpa

DNS Request

129.176.204.143.in-addr.arpa
8.8.8.8:53

challenges.cloudflare.com

dns

msedge.exe

142 B
206 B
2
2

DNS Request

challenges.cloudflare.com

DNS Request

challenges.cloudflare.com

DNS Response

104.17.3.184

104.17.2.184

DNS Response

104.17.2.184

104.17.3.184
8.8.8.8:53

184.3.17.104.in-addr.arpa

dns

142 B
266 B
2
2

DNS Request

184.3.17.104.in-addr.arpa

DNS Request

184.3.17.104.in-addr.arpa
8.8.8.8:53

196.249.167.52.in-addr.arpa

dns

146 B
147 B
2
1

DNS Request

196.249.167.52.in-addr.arpa

DNS Request

196.249.167.52.in-addr.arpa
8.8.8.8:53

86.23.85.13.in-addr.arpa

dns

140 B
288 B
2
2

DNS Request

86.23.85.13.in-addr.arpa

DNS Request

86.23.85.13.in-addr.arpa
8.8.8.8:53

154.239.44.20.in-addr.arpa

dns

144 B
158 B
2
1

DNS Request

154.239.44.20.in-addr.arpa

DNS Request

154.239.44.20.in-addr.arpa
8.8.8.8:53

198.187.3.20.in-addr.arpa

dns

142 B
157 B
2
1

DNS Request

198.187.3.20.in-addr.arpa

DNS Request

198.187.3.20.in-addr.arpa
8.8.8.8:53

134.71.91.104.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

134.71.91.104.in-addr.arpa
8.8.8.8:53

rtid.tapad.com

dns

msedge.exe

120 B
152 B
2
2

DNS Request

rtid.tapad.com

DNS Request

rtid.tapad.com

DNS Response

35.244.252.209

DNS Response

35.244.252.209
8.8.8.8:53

ib.adnxs-simple.com

dns

msedge.exe

130 B
534 B
2
2

DNS Request

ib.adnxs-simple.com

DNS Request

ib.adnxs-simple.com

DNS Response

37.252.171.21

37.252.173.215

37.252.171.52

37.252.171.53

37.252.171.85

37.252.171.149

37.252.172.123

DNS Response

185.89.210.180

185.89.210.90

185.89.210.141

185.89.211.84

185.89.210.212

185.89.210.244

185.89.210.122

185.89.210.82

185.89.211.12

185.89.210.153

185.89.210.20

185.89.210.46
8.8.8.8:53

hbopenbid.pubmatic.com

dns

msedge.exe

136 B
293 B
2
2

DNS Request

hbopenbid.pubmatic.com

DNS Request

hbopenbid.pubmatic.com

DNS Response

185.64.190.77

DNS Response

185.64.189.112
8.8.8.8:53

web.hb.ad.cpe.dotomi.com

dns

msedge.exe

70 B
216 B
1
1

DNS Request

web.hb.ad.cpe.dotomi.com

DNS Response

63.215.202.146

89.207.16.210

64.158.223.146

63.215.202.178

89.207.16.146
8.8.8.8:53

ads.servenobid.com

dns

msedge.exe

128 B
320 B
2
2

DNS Request

ads.servenobid.com

DNS Request

ads.servenobid.com

DNS Response

54.246.136.8

54.228.145.228

52.17.202.104

52.16.111.73

54.216.191.62

34.253.37.220

DNS Response

34.253.37.220

54.228.145.228

52.16.111.73

52.17.202.104

54.246.136.8

54.216.191.62
8.8.8.8:53

prebid.media.net

dns

msedge.exe

124 B
156 B
2
2

DNS Request

prebid.media.net

DNS Response

34.120.63.153

DNS Request

prebid.media.net

DNS Response

34.120.63.153
8.8.8.8:53

cpm.qortex.ai

dns

msedge.exe

59 B
129 B
1
1

DNS Request

cpm.qortex.ai

DNS Response

77.245.57.72
8.8.8.8:53

ads.betweendigital.com

dns

msedge.exe

136 B
364 B
2
2

DNS Request

ads.betweendigital.com

DNS Response

188.42.189.197

188.42.34.65

188.42.189.231

188.42.196.115

188.42.34.64

188.42.191.196

DNS Request

ads.betweendigital.com

DNS Response

188.42.34.65

188.42.189.197

188.42.189.231

188.42.196.115

188.42.34.64

188.42.191.196
8.8.8.8:53

prebid.dblks.net

dns

msedge.exe

62 B
94 B
1
1

DNS Request

prebid.dblks.net

DNS Response

199.212.255.178

199.212.255.179
8.8.8.8:53

fastlane.rubiconproject.com

dns

msedge.exe

146 B
284 B
2
2

DNS Request

fastlane.rubiconproject.com

DNS Request

fastlane.rubiconproject.com

DNS Response

213.19.162.21

DNS Response

213.19.162.21
8.8.8.8:53

apex.go.sonobi.com

dns

msedge.exe

128 B
306 B
2
2

DNS Request

apex.go.sonobi.com

DNS Request

apex.go.sonobi.com

DNS Response

69.166.1.8

69.166.1.9

69.166.1.32

69.166.1.64

DNS Response

69.166.1.8

69.166.1.9

69.166.1.32

69.166.1.64
35.244.252.209:443

rtid.tapad.com

https

msedge.exe

3.2kB
4.5kB
6
6
8.8.8.8:53

209.252.244.35.in-addr.arpa

dns

146 B
252 B
2
2

DNS Request

209.252.244.35.in-addr.arpa

DNS Request

209.252.244.35.in-addr.arpa
8.8.8.8:53

77.190.64.185.in-addr.arpa

dns

144 B
264 B
2
2

DNS Request

77.190.64.185.in-addr.arpa

DNS Request

77.190.64.185.in-addr.arpa
8.8.8.8:53

21.171.252.37.in-addr.arpa

dns

144 B
268 B
2
2

DNS Request

21.171.252.37.in-addr.arpa

DNS Request

21.171.252.37.in-addr.arpa
8.8.8.8:53

146.202.215.63.in-addr.arpa

dns

146 B
234 B
2
2

DNS Request

146.202.215.63.in-addr.arpa

DNS Request

146.202.215.63.in-addr.arpa
8.8.8.8:53

153.63.120.34.in-addr.arpa

dns

72 B
124 B
1
1

DNS Request

153.63.120.34.in-addr.arpa
8.8.8.8:53

72.57.245.77.in-addr.arpa

dns

71 B
146 B
1
1

DNS Request

72.57.245.77.in-addr.arpa
8.8.8.8:53

21.162.19.213.in-addr.arpa

dns

144 B
144 B
2
2

DNS Request

21.162.19.213.in-addr.arpa

DNS Request

21.162.19.213.in-addr.arpa
8.8.8.8:53

8.136.246.54.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

8.136.246.54.in-addr.arpa
8.8.8.8:53

178.255.212.199.in-addr.arpa

dns

148 B
294 B
2
2

DNS Request

178.255.212.199.in-addr.arpa

DNS Request

178.255.212.199.in-addr.arpa
8.8.8.8:53

197.189.42.188.in-addr.arpa

dns

146 B
292 B
2
2

DNS Request

197.189.42.188.in-addr.arpa

DNS Request

197.189.42.188.in-addr.arpa
8.8.8.8:53

8.1.166.69.in-addr.arpa

dns

69 B
131 B
1
1

DNS Request

8.1.166.69.in-addr.arpa
8.8.8.8:53

b6351696394dffd7514614659b5d9454.safeframe.googlesyndication.com

dns

msedge.exe

220 B
338 B
2
2

DNS Request

b6351696394dffd7514614659b5d9454.safeframe.googlesyndication.com

DNS Request

b6351696394dffd7514614659b5d9454.safeframe.googlesyndication.com

DNS Response

216.58.204.65

DNS Response

216.58.204.65
8.8.8.8:53

cdn.ampproject.org

dns

msedge.exe

128 B
212 B
2
2

DNS Request

cdn.ampproject.org

DNS Request

cdn.ampproject.org

DNS Response

142.250.180.1

DNS Response

142.250.180.1
216.58.212.193:443

tpc.googlesyndication.com

https

msedge.exe

3.3kB
6.5kB
7
7
8.8.8.8:53

1.180.250.142.in-addr.arpa

dns

144 B
220 B
2
2

DNS Request

1.180.250.142.in-addr.arpa

DNS Request

1.180.250.142.in-addr.arpa
8.8.8.8:53

eus.rubiconproject.com

dns

msedge.exe

136 B
330 B
2
2

DNS Request

eus.rubiconproject.com

DNS Request

eus.rubiconproject.com

DNS Response

2.17.5.216

DNS Response

2.17.5.216
8.8.8.8:53

s.0cf.io

dns

msedge.exe

108 B
172 B
2
2

DNS Request

s.0cf.io

DNS Response

172.64.143.21

172.64.142.21

DNS Request

s.0cf.io

DNS Response

172.64.143.21

172.64.142.21
8.8.8.8:53

public.servenobid.com

dns

msedge.exe

134 B
262 B
2
2

DNS Request

public.servenobid.com

DNS Response

108.156.39.59

108.156.39.44

108.156.39.118

108.156.39.36

DNS Request

public.servenobid.com

DNS Response

108.156.39.59

108.156.39.44

108.156.39.118

108.156.39.36
8.8.8.8:53

contextual.media.net

dns

msedge.exe

132 B
164 B
2
2

DNS Request

contextual.media.net

DNS Request

contextual.media.net

DNS Response

2.17.4.21

DNS Response

2.17.4.21
8.8.8.8:53

match.adsrvr.org

dns

msedge.exe

124 B
252 B
2
2

DNS Request

match.adsrvr.org

DNS Request

match.adsrvr.org

DNS Response

52.223.40.198

35.71.131.137

15.197.193.217

3.33.220.150

DNS Response

52.223.40.198

35.71.131.137

15.197.193.217

3.33.220.150
8.8.8.8:53

sync.srv.stackadapt.com

dns

msedge.exe

268 B
507 B
4
3

DNS Request

sync.srv.stackadapt.com

DNS Request

sync.srv.stackadapt.com

DNS Response

54.145.217.237

52.73.237.27

54.144.120.173

54.175.28.36

54.166.93.240

52.73.22.46

54.156.231.188

54.205.159.141

DNS Response

54.156.221.97

54.145.217.237

54.205.171.68

54.156.231.188

54.160.228.160

54.166.93.240

52.73.22.46

54.174.97.40

DNS Request

usersync.gumgum.com

DNS Request

usersync.gumgum.com

DNS Response

34.247.233.198

52.210.15.1

34.247.205.196
8.8.8.8:53

x.bidswitch.net

dns

msedge.exe

122 B
208 B
2
2

DNS Request

x.bidswitch.net

DNS Request

x.bidswitch.net

DNS Response

35.214.149.91

DNS Response

35.214.149.91
8.8.8.8:53

p.rfihub.com

dns

msedge.exe

116 B
296 B
2
2

DNS Request

p.rfihub.com

DNS Request

p.rfihub.com

DNS Response

193.0.160.131

DNS Response

193.0.160.130
8.8.8.8:53

pixel-sync.sitescout.com

dns

msedge.exe

140 B
172 B
2
2

DNS Request

pixel-sync.sitescout.com

DNS Request

pixel-sync.sitescout.com

DNS Response

34.36.216.150

DNS Response

34.36.216.150
8.8.8.8:53

g2.gumgum.com

dns

msedge.exe

118 B
374 B
2
2

DNS Request

g2.gumgum.com

DNS Response

52.215.125.147

52.51.111.200

79.125.101.2

54.220.54.244

52.208.188.224

52.211.35.42

52.213.137.156

52.19.81.220

DNS Request

g2.gumgum.com

DNS Response

52.19.81.220

52.213.137.156

34.252.204.17

52.215.125.147

52.51.111.200

52.208.188.224

79.125.101.2

54.220.54.244
8.8.8.8:53

onetag-sys.com

dns

msedge.exe

60 B
156 B
1
1

DNS Request

onetag-sys.com

DNS Response

51.75.86.98

51.89.9.251

51.89.9.254

51.38.120.206

51.89.9.253

51.89.9.252
8.8.8.8:53

ssbsync.smartadserver.com

dns

msedge.exe

71 B
378 B
1
1

DNS Request

ssbsync.smartadserver.com

DNS Response

81.17.55.170

89.149.192.196

89.149.192.197

81.17.55.171

89.149.192.244

89.149.192.245

89.149.192.75

81.17.55.123

81.17.55.108

81.17.55.109

81.17.55.122

89.149.192.76
8.8.8.8:53

ssum-sec.casalemedia.com

dns

msedge.exe

70 B
102 B
1
1

DNS Request

ssum-sec.casalemedia.com

DNS Response

104.18.36.155

172.64.151.101
8.8.8.8:53

secure-assets.rubiconproject.com

dns

msedge.exe

78 B
183 B
1
1

DNS Request

secure-assets.rubiconproject.com

DNS Response

23.215.239.190
8.8.8.8:53

cs-rtb.minutemedia-prebid.com

dns

msedge.exe

75 B
181 B
1
1

DNS Request

cs-rtb.minutemedia-prebid.com

DNS Response

18.172.153.47

18.172.153.58

18.172.153.61

18.172.153.123
8.8.8.8:53

sync.adkernel.com

dns

msedge.exe

63 B
109 B
1
1

DNS Request

sync.adkernel.com

DNS Response

77.245.57.72
8.8.8.8:53

token.rubiconproject.com

dns

msedge.exe

140 B
151 B
2
1

DNS Request

token.rubiconproject.com

DNS Response

213.19.162.80

213.19.162.90

DNS Request

token.rubiconproject.com
8.8.8.8:53

cs-server-s2s.yellowblue.io

dns

msedge.exe

73 B
201 B
1
1

DNS Request

cs-server-s2s.yellowblue.io

DNS Response

18.205.133.0

54.80.115.21

54.82.57.110

54.84.110.184

3.215.162.122

3.236.2.99

44.195.196.122

23.23.209.154
8.8.8.8:53

cdn.dxkulture.com

dns

msedge.exe

126 B
302 B
2
2

DNS Request

cdn.dxkulture.com

DNS Request

cdn.dxkulture.com

DNS Response

104.18.13.192

104.18.12.192

DNS Response

104.18.13.192

104.18.12.192
8.8.8.8:53

eb2.3lift.com

dns

msedge.exe

118 B
112 B
2
1

DNS Request

eb2.3lift.com

DNS Request

eb2.3lift.com

DNS Response

13.248.245.213

76.223.111.18
8.8.8.8:53

21.4.17.2.in-addr.arpa

dns

136 B
129 B
2
1

DNS Request

21.4.17.2.in-addr.arpa

DNS Request

21.4.17.2.in-addr.arpa
8.8.8.8:53

59.39.156.108.in-addr.arpa

dns

144 B
129 B
2
1

DNS Request

59.39.156.108.in-addr.arpa

DNS Request

59.39.156.108.in-addr.arpa
8.8.8.8:53

21.143.64.172.in-addr.arpa

dns

144 B
268 B
2
2

DNS Request

21.143.64.172.in-addr.arpa

DNS Request

21.143.64.172.in-addr.arpa
8.8.8.8:53

216.5.17.2.in-addr.arpa

dns

138 B
262 B
2
2

DNS Request

216.5.17.2.in-addr.arpa

DNS Request

216.5.17.2.in-addr.arpa
8.8.8.8:53

198.40.223.52.in-addr.arpa

dns

144 B
256 B
2
2

DNS Request

198.40.223.52.in-addr.arpa

DNS Request

198.40.223.52.in-addr.arpa
8.8.8.8:53

237.217.145.54.in-addr.arpa

dns

146 B
129 B
2
1

DNS Request

237.217.145.54.in-addr.arpa

DNS Request

237.217.145.54.in-addr.arpa
8.8.8.8:53

131.160.0.193.in-addr.arpa

dns

144 B
132 B
2
1

DNS Request

131.160.0.193.in-addr.arpa

DNS Request

131.160.0.193.in-addr.arpa
8.8.8.8:53

91.149.214.35.in-addr.arpa

dns

144 B
124 B
2
1

DNS Request

91.149.214.35.in-addr.arpa

DNS Request

91.149.214.35.in-addr.arpa
8.8.8.8:53

150.216.36.34.in-addr.arpa

dns

144 B
124 B
2
1

DNS Request

150.216.36.34.in-addr.arpa

DNS Request

150.216.36.34.in-addr.arpa
8.8.8.8:53

47.153.172.18.in-addr.arpa

dns

144 B
129 B
2
1

DNS Request

47.153.172.18.in-addr.arpa

DNS Request

47.153.172.18.in-addr.arpa
8.8.8.8:53

155.36.18.104.in-addr.arpa

dns

144 B
134 B
2
1

DNS Request

155.36.18.104.in-addr.arpa

DNS Request

155.36.18.104.in-addr.arpa
8.8.8.8:53

98.86.75.51.in-addr.arpa

dns

140 B
103 B
2
1

DNS Request

98.86.75.51.in-addr.arpa

DNS Request

98.86.75.51.in-addr.arpa
8.8.8.8:53

170.55.17.81.in-addr.arpa

dns

142 B
134 B
2
1

DNS Request

170.55.17.81.in-addr.arpa

DNS Request

170.55.17.81.in-addr.arpa
8.8.8.8:53

147.125.215.52.in-addr.arpa

dns

146 B
137 B
2
1

DNS Request

147.125.215.52.in-addr.arpa

DNS Request

147.125.215.52.in-addr.arpa
8.8.8.8:53

190.239.215.23.in-addr.arpa

dns

146 B
278 B
2
2

DNS Request

190.239.215.23.in-addr.arpa

DNS Request

190.239.215.23.in-addr.arpa
8.8.8.8:53

80.162.19.213.in-addr.arpa

dns

144 B
72 B
2
1

DNS Request

80.162.19.213.in-addr.arpa

DNS Request

80.162.19.213.in-addr.arpa
8.8.8.8:53

0.133.205.18.in-addr.arpa

dns

142 B
125 B
2
1

DNS Request

0.133.205.18.in-addr.arpa

DNS Request

0.133.205.18.in-addr.arpa
8.8.8.8:53

192.13.18.104.in-addr.arpa

dns

144 B
134 B
2
1

DNS Request

192.13.18.104.in-addr.arpa

DNS Request

192.13.18.104.in-addr.arpa
8.8.8.8:53

cdn.connectad.io

dns

msedge.exe

62 B
110 B
1
1

DNS Request

cdn.connectad.io

DNS Response

104.22.54.206

172.67.8.174

104.22.55.206
8.8.8.8:53

prebid-match.dotomi.com

dns

msedge.exe

138 B
145 B
2
1

DNS Request

prebid-match.dotomi.com

DNS Response

89.207.16.204

DNS Request

prebid-match.dotomi.com
8.8.8.8:53

rtb.gumgum.com

dns

msedge.exe

60 B
188 B
1
1

DNS Request

rtb.gumgum.com

DNS Response

52.19.81.220

52.215.125.147

54.220.54.244

52.211.35.42

34.252.204.17

52.208.188.224

79.125.101.2

52.213.137.156
8.8.8.8:53

c1.adform.net

dns

msedge.exe

118 B
176 B
2
1

DNS Request

c1.adform.net

DNS Request

c1.adform.net

DNS Response

37.157.6.233

37.157.6.254

37.157.6.232

37.157.6.237

37.157.6.243
8.8.8.8:53

cm.g.doubleclick.net

dns

msedge.exe

132 B
82 B
2
1

DNS Request

cm.g.doubleclick.net

DNS Request

cm.g.doubleclick.net

DNS Response

142.250.178.2
8.8.8.8:53

tg.socdm.com

dns

msedge.exe

116 B
732 B
2
2

DNS Request

tg.socdm.com

DNS Request

tg.socdm.com

DNS Response

124.146.153.161

124.146.153.167

211.120.53.205

211.120.53.202

124.146.153.160

124.146.153.168

211.120.53.203

124.146.153.165

211.120.53.204

124.146.153.169

211.120.53.200

124.146.153.162

124.146.153.164

124.146.153.170

124.146.153.166

211.120.53.206

124.146.153.163

211.120.53.201

DNS Response

211.120.53.201

124.146.153.168

211.120.53.206

124.146.153.169

124.146.153.166

211.120.53.202

211.120.53.204

124.146.153.165

211.120.53.200

124.146.153.164

124.146.153.170

211.120.53.205

124.146.153.162

211.120.53.203

124.146.153.167

124.146.153.161

124.146.153.160

124.146.153.163
8.8.8.8:53

creativecdn.com

dns

msedge.exe

122 B
77 B
2
1

DNS Request

creativecdn.com

DNS Request

creativecdn.com

DNS Response

185.184.8.90
8.8.8.8:53

pr-bh.ybp.yahoo.com

dns

msedge.exe

65 B
173 B
1
1

DNS Request

pr-bh.ybp.yahoo.com

DNS Response

34.241.51.123

52.215.103.37

34.249.37.159

108.128.78.248
8.8.8.8:53

us-u.openx.net

dns

msedge.exe

60 B
92 B
1
1

DNS Request

us-u.openx.net

DNS Response

35.244.159.8

34.98.64.218
8.8.8.8:53

bh.contextweb.com

dns

msedge.exe

63 B
129 B
1
1

DNS Request

bh.contextweb.com

DNS Response

208.93.169.131
8.8.8.8:53

sync.ipredictive.com

dns

msedge.exe

66 B
194 B
1
1

DNS Request

sync.ipredictive.com

DNS Response

52.71.44.145

54.158.243.155

52.70.187.13

54.159.66.10

52.44.255.182

54.158.64.147

52.87.49.60

54.144.94.27
8.8.8.8:53

match.deepintent.com

dns

msedge.exe

66 B
146 B
1
1

DNS Request

match.deepintent.com

DNS Response

169.197.150.8

8.18.47.7

169.197.150.7

38.91.45.7
8.8.8.8:53

b1sync.zemanta.com

dns

msedge.exe

128 B
328 B
2
2

DNS Request

b1sync.zemanta.com

DNS Request

b1sync.zemanta.com

DNS Response

50.31.142.95

DNS Response

64.74.236.159
8.8.8.8:53

sync.go.sonobi.com

dns

msedge.exe

128 B
153 B
2
1

DNS Request

sync.go.sonobi.com

DNS Request

sync.go.sonobi.com

DNS Response

69.166.1.34

69.166.1.67

69.166.1.66

69.166.1.35
8.8.8.8:53

usersync.gumgum.com

dns

msedge.exe

130 B
113 B
2
1

DNS Request

usersync.gumgum.com

DNS Response

52.210.15.1

34.247.233.198

34.247.205.196

DNS Request

usersync.gumgum.com
35.244.159.8:443

us-u.openx.net

https

msedge.exe

5.6kB
8.7kB
29
31
142.250.178.2:443

cm.g.doubleclick.net

https

msedge.exe

35.6kB
59.0kB
362
339
8.8.8.8:53

ssum.casalemedia.com

dns

msedge.exe

132 B
98 B
2
1

DNS Request

ssum.casalemedia.com

DNS Request

ssum.casalemedia.com

DNS Response

172.64.151.101

104.18.36.155
8.8.8.8:53

rtb.openx.net

dns

msedge.exe

118 B
91 B
2
1

DNS Request

rtb.openx.net

DNS Request

rtb.openx.net

DNS Response

35.186.253.211

35.227.252.103
8.8.8.8:53

ap.lijit.com

dns

msedge.exe

174 B
310 B
3
1

DNS Request

ap.lijit.com

DNS Request

ap.lijit.com

DNS Request

ap.lijit.com

DNS Response

18.203.108.67

54.154.101.9

52.30.255.45

52.17.165.98

54.229.199.32

52.19.161.39

63.32.81.121

52.51.220.206
8.8.8.8:53

sync.1rx.io

dns

msedge.exe

114 B
146 B
2
2

DNS Request

sync.1rx.io

DNS Request

sync.1rx.io

DNS Response

46.228.174.117

DNS Response

46.228.174.117
8.8.8.8:53

prebid.a-mo.net

dns

msedge.exe

254 B
375 B
4
3

DNS Request

prebid.a-mo.net

DNS Request

prebid.a-mo.net

DNS Response

145.40.97.67

147.75.84.158

145.40.97.66

DNS Request

ssc-cms.33across.com

DNS Request

ssc-cms.33across.com

DNS Response

67.202.105.24

67.202.105.21

DNS Response

67.202.105.23

67.202.105.24
8.8.8.8:53

ups.analytics.yahoo.com

dns

msedge.exe

138 B
254 B
2
1

DNS Request

ups.analytics.yahoo.com

DNS Request

ups.analytics.yahoo.com

DNS Response

3.71.149.231

3.75.62.37
8.8.8.8:53

213.245.248.13.in-addr.arpa

dns

146 B
258 B
2
2

DNS Request

213.245.248.13.in-addr.arpa

DNS Request

213.245.248.13.in-addr.arpa
8.8.8.8:53

206.54.22.104.in-addr.arpa

dns

144 B
268 B
2
2

DNS Request

206.54.22.104.in-addr.arpa

DNS Request

206.54.22.104.in-addr.arpa
8.8.8.8:53

8.159.244.35.in-addr.arpa

dns

142 B
244 B
2
2

DNS Request

8.159.244.35.in-addr.arpa

DNS Request

8.159.244.35.in-addr.arpa
8.8.8.8:53

123.51.241.34.in-addr.arpa

dns

144 B
135 B
2
1

DNS Request

123.51.241.34.in-addr.arpa

DNS Request

123.51.241.34.in-addr.arpa
8.8.8.8:53

2.178.250.142.in-addr.arpa

dns

144 B
220 B
2
2

DNS Request

2.178.250.142.in-addr.arpa

DNS Request

2.178.250.142.in-addr.arpa
8.8.8.8:53

131.169.93.208.in-addr.arpa

dns

146 B
276 B
2
2

DNS Request

131.169.93.208.in-addr.arpa

DNS Request

131.169.93.208.in-addr.arpa
8.8.8.8:53

204.16.207.89.in-addr.arpa

dns

144 B
115 B
2
1

DNS Request

204.16.207.89.in-addr.arpa

DNS Request

204.16.207.89.in-addr.arpa
8.8.8.8:53

233.6.157.37.in-addr.arpa

dns

142 B
143 B
2
1

DNS Request

233.6.157.37.in-addr.arpa

DNS Request

233.6.157.37.in-addr.arpa
8.8.8.8:53

90.8.184.185.in-addr.arpa

dns

142 B
113 B
2
1

DNS Request

90.8.184.185.in-addr.arpa

DNS Request

90.8.184.185.in-addr.arpa
8.8.8.8:53

84.211.89.185.in-addr.arpa

dns

144 B
133 B
2
1

DNS Request

84.211.89.185.in-addr.arpa

DNS Request

84.211.89.185.in-addr.arpa
8.8.8.8:53

8.150.197.169.in-addr.arpa

dns

144 B
102 B
2
1

DNS Request

8.150.197.169.in-addr.arpa

DNS Request

8.150.197.169.in-addr.arpa
8.8.8.8:53

95.142.31.50.in-addr.arpa

dns

142 B
101 B
2
1

DNS Request

95.142.31.50.in-addr.arpa

DNS Request

95.142.31.50.in-addr.arpa
8.8.8.8:53

145.44.71.52.in-addr.arpa

dns

142 B
125 B
2
1

DNS Request

145.44.71.52.in-addr.arpa

DNS Request

145.44.71.52.in-addr.arpa
8.8.8.8:53

34.1.166.69.in-addr.arpa

dns

140 B
132 B
2
1

DNS Request

34.1.166.69.in-addr.arpa

DNS Request

34.1.166.69.in-addr.arpa
8.8.8.8:53

161.153.146.124.in-addr.arpa

dns

148 B
162 B
2
1

DNS Request

161.153.146.124.in-addr.arpa

DNS Request

161.153.146.124.in-addr.arpa
8.8.8.8:53

211.253.186.35.in-addr.arpa

dns

146 B
126 B
2
1

DNS Request

211.253.186.35.in-addr.arpa

DNS Request

211.253.186.35.in-addr.arpa
51.75.86.98:443

onetag-sys.com

https

msedge.exe

6.9kB
5
8.8.8.8:53

ib.adnxs.com

dns

msedge.exe

116 B
622 B
2
2

DNS Request

ib.adnxs.com

DNS Request

ib.adnxs.com

DNS Response

185.89.210.90

185.89.210.180

185.89.211.12

185.89.210.46

185.89.211.116

185.89.210.20

185.89.210.153

185.89.210.141

185.89.210.212

185.89.210.244

185.89.210.122

185.89.211.84

DNS Response

185.89.210.90

185.89.210.180

185.89.211.12

185.89.210.46

185.89.211.116

185.89.210.20

185.89.210.153

185.89.210.141

185.89.210.212

185.89.210.244

185.89.210.122

185.89.211.84
8.8.8.8:53

ce.lijit.com

dns

msedge.exe

116 B
550 B
2
2

DNS Request

ce.lijit.com

DNS Request

ce.lijit.com

DNS Response

52.18.81.199

52.208.110.223

34.246.118.212

52.16.5.90

52.50.177.153

34.242.0.137

52.214.8.205

52.209.217.26

DNS Response

52.50.177.153

52.209.217.26

54.155.46.140

52.214.8.205

34.242.0.137

52.48.98.218

34.248.19.205

54.72.52.169
8.8.8.8:53

ssp.disqus.com

dns

msedge.exe

120 B
490 B
2
2

DNS Request

ssp.disqus.com

DNS Request

ssp.disqus.com

DNS Response

54.92.234.85

34.203.46.26

3.230.35.233

18.211.88.58

3.215.148.169

3.222.70.158

54.243.61.221

34.197.250.40

DNS Response

54.92.234.85

34.203.46.26

3.230.35.233

18.211.88.58

3.215.148.169

3.222.70.158

54.243.61.221

34.197.250.40
8.8.8.8:53

ads.dxkulture.com

dns

msedge.exe

126 B
214 B
2
2

DNS Request

ads.dxkulture.com

DNS Request

ads.dxkulture.com

DNS Response

45.55.126.71

DNS Response

45.55.126.71
8.8.8.8:53

sync-eu.connectad.io

dns

msedge.exe

132 B
114 B
2
1

DNS Request

sync-eu.connectad.io

DNS Request

sync-eu.connectad.io

DNS Response

104.22.54.206

104.22.55.206

172.67.8.174
8.8.8.8:53

image8.pubmatic.com

dns

msedge.exe

130 B
284 B
2
2

DNS Request

image8.pubmatic.com

DNS Request

image8.pubmatic.com

DNS Response

185.64.190.79

DNS Response

185.64.190.79
8.8.8.8:53

match.sharethrough.com

dns

msedge.exe

68 B
233 B
1
1

DNS Request

match.sharethrough.com

DNS Response

18.158.75.183

3.122.73.140

52.28.186.109

52.29.151.147

54.93.196.121

3.122.11.77

18.197.241.118

52.59.69.244
8.8.8.8:53

ssbsync-global.smartadserver.com

dns

msedge.exe

78 B
359 B
1
1

DNS Request

ssbsync-global.smartadserver.com

DNS Response

81.17.55.122

81.17.55.108

81.17.55.170

89.149.192.196

89.149.192.75

89.149.192.245

89.149.192.244

81.17.55.123

81.17.55.109

81.17.55.171

89.149.192.76

89.149.192.197
8.8.8.8:53

sync.mathtag.com

dns

msedge.exe

62 B
137 B
1
1

DNS Request

sync.mathtag.com

DNS Response

216.200.232.253

74.121.140.211

216.200.232.249
8.8.8.8:53

hbx.media.net

dns

msedge.exe

118 B
150 B
2
2

DNS Request

hbx.media.net

DNS Request

hbx.media.net

DNS Response

23.44.232.24

DNS Response

23.44.232.24
34.36.216.150:443

pixel-sync.sitescout.com

https

msedge.exe

2.2kB
4.1kB
6
8
8.8.8.8:53

prebid-server.rubiconproject.com

dns

msedge.exe

78 B
187 B
1
1

DNS Request

prebid-server.rubiconproject.com

DNS Response

213.19.162.71
8.8.8.8:53

117.174.228.46.in-addr.arpa

dns

73 B
133 B
1
1

DNS Request

117.174.228.46.in-addr.arpa
8.8.8.8:53

67.97.40.145.in-addr.arpa

dns

71 B
136 B
1
1

DNS Request

67.97.40.145.in-addr.arpa
8.8.8.8:53

231.149.71.3.in-addr.arpa

dns

71 B
136 B
1
1

DNS Request

231.149.71.3.in-addr.arpa
8.8.8.8:53

199.81.18.52.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

199.81.18.52.in-addr.arpa
8.8.8.8:53

85.234.92.54.in-addr.arpa

dns

71 B
125 B
1
1

DNS Request

85.234.92.54.in-addr.arpa
8.8.8.8:53

71.126.55.45.in-addr.arpa

dns

71 B
138 B
1
1

DNS Request

71.126.55.45.in-addr.arpa
8.8.8.8:53

67.108.203.18.in-addr.arpa

dns

72 B
135 B
1
1

DNS Request

67.108.203.18.in-addr.arpa
8.8.8.8:53

79.190.64.185.in-addr.arpa

dns

144 B
264 B
2
2

DNS Request

79.190.64.185.in-addr.arpa

DNS Request

79.190.64.185.in-addr.arpa
35.186.253.211:443

rtb.openx.net

https

msedge.exe

5.4kB
5.9kB
13
13
8.8.8.8:53

24.105.202.67.in-addr.arpa

dns

216 B
125 B
3
1

DNS Request

24.105.202.67.in-addr.arpa

DNS Request

24.105.202.67.in-addr.arpa

DNS Request

24.105.202.67.in-addr.arpa
8.8.8.8:53

183.75.158.18.in-addr.arpa

dns

216 B
138 B
3
1

DNS Request

183.75.158.18.in-addr.arpa

DNS Request

183.75.158.18.in-addr.arpa

DNS Request

183.75.158.18.in-addr.arpa
8.8.8.8:53

253.232.200.216.in-addr.arpa

dns

222 B
74 B
3
1

DNS Request

253.232.200.216.in-addr.arpa

DNS Request

253.232.200.216.in-addr.arpa

DNS Request

253.232.200.216.in-addr.arpa
8.8.8.8:53

24.232.44.23.in-addr.arpa

dns

213 B
135 B
3
1

DNS Request

24.232.44.23.in-addr.arpa

DNS Request

24.232.44.23.in-addr.arpa

DNS Request

24.232.44.23.in-addr.arpa
8.8.8.8:53

71.162.19.213.in-addr.arpa

dns

216 B
72 B
3
1

DNS Request

71.162.19.213.in-addr.arpa

DNS Request

71.162.19.213.in-addr.arpa

DNS Request

71.162.19.213.in-addr.arpa
8.8.8.8:53

dblksync.dblks.net

dns

msedge.exe

128 B
96 B
2
1

DNS Request

dblksync.dblks.net

DNS Request

dblksync.dblks.net

DNS Response

104.21.49.210

172.67.193.140
8.8.8.8:53

idsync.rlcdn.com

dns

msedge.exe

124 B
156 B
2
2

DNS Request

idsync.rlcdn.com

DNS Request

idsync.rlcdn.com

DNS Response

35.244.174.68

DNS Response

35.244.174.68
8.8.8.8:53

210.49.21.104.in-addr.arpa

dns

144 B
134 B
2
1

DNS Request

210.49.21.104.in-addr.arpa

DNS Request

210.49.21.104.in-addr.arpa
8.8.8.8:53

68.174.244.35.in-addr.arpa

dns

144 B
124 B
2
1

DNS Request

68.174.244.35.in-addr.arpa

DNS Request

68.174.244.35.in-addr.arpa
35.190.80.1:443

a.nel.cloudflare.com

https

msedge.exe

5.3kB
2.3kB
8
6
35.186.253.211:443

rtb.openx.net

https

msedge.exe

7.0kB
8.2kB
69
80
8.8.8.8:53

122.55.17.81.in-addr.arpa

dns

142 B
268 B
2
2

DNS Request

122.55.17.81.in-addr.arpa

DNS Request

122.55.17.81.in-addr.arpa
8.8.8.8:53

ads.pubmatic.com

dns

msedge.exe

186 B
145 B
3
1

DNS Request

ads.pubmatic.com

DNS Request

ads.pubmatic.com

DNS Request

ads.pubmatic.com

DNS Response

96.16.109.9
35.244.159.8:443

us-u.openx.net

https

msedge.exe

7.6kB
12.8kB
74
74
8.8.8.8:53

48.229.111.52.in-addr.arpa

dns

144 B
316 B
2
2

DNS Request

48.229.111.52.in-addr.arpa

DNS Request

48.229.111.52.in-addr.arpa
8.8.8.8:53

eb2.3lift.com

dns

msedge.exe

118 B
224 B
2
2

DNS Request

eb2.3lift.com

DNS Request

eb2.3lift.com

DNS Response

13.248.245.213

76.223.111.18

DNS Response

13.248.245.213

76.223.111.18
8.8.8.8:53

prebid-match.dotomi.com

dns

msedge.exe

138 B
145 B
2
1

DNS Request

prebid-match.dotomi.com

DNS Request

prebid-match.dotomi.com

DNS Response

63.215.202.172
8.8.8.8:53

rtb.openx.net

dns

msedge.exe

118 B
182 B
2
2

DNS Request

rtb.openx.net

DNS Request

rtb.openx.net

DNS Response

35.186.253.211

35.227.252.103

DNS Response

35.186.253.211

35.227.252.103
8.8.8.8:53

ap.lijit.com

dns

msedge.exe

116 B
620 B
2
2

DNS Request

ap.lijit.com

DNS Request

ap.lijit.com

DNS Response

34.241.235.21

54.76.67.130

54.171.115.220

52.51.133.117

52.49.50.56

34.249.26.20

52.17.188.161

54.76.233.138

DNS Response

52.30.255.45

52.17.165.98

52.19.161.39

52.19.77.215

99.80.209.81

54.246.138.33

54.76.67.130

54.247.62.209
8.8.8.8:53

ups.analytics.yahoo.com

dns

msedge.exe

138 B
508 B
2
2

DNS Request

ups.analytics.yahoo.com

DNS Request

ups.analytics.yahoo.com

DNS Response

3.71.149.231

3.75.62.37

DNS Response

3.75.62.37

3.71.149.231
8.8.8.8:53

match.sharethrough.com

dns

msedge.exe

136 B
233 B
2
1

DNS Request

match.sharethrough.com

DNS Request

match.sharethrough.com

DNS Response

18.197.241.118

18.153.34.228

52.29.151.147

18.158.75.183

52.59.69.244

3.122.73.140

3.122.11.77

52.28.186.109
8.8.8.8:53

rtb.gumgum.com

dns

msedge.exe

120 B
188 B
2
1

DNS Request

rtb.gumgum.com

DNS Request

rtb.gumgum.com

DNS Response

52.208.188.224

54.220.54.244

52.213.137.156

52.19.81.220

52.211.35.42

79.125.101.2

52.51.111.200

52.215.125.147
8.8.8.8:53

sync.mathtag.com

dns

msedge.exe

124 B
274 B
2
2

DNS Request

sync.mathtag.com

DNS Request

sync.mathtag.com

DNS Response

216.200.232.253

216.200.232.249

74.121.140.211

DNS Response

216.200.232.249

74.121.140.211

216.200.232.253
8.8.8.8:53

hbx.media.net

dns

msedge.exe

118 B
150 B
2
2

DNS Request

hbx.media.net

DNS Request

hbx.media.net

DNS Response

23.44.232.24

DNS Response

23.44.232.24
8.8.8.8:53

tg.socdm.com

dns

msedge.exe

116 B
732 B
2
2

DNS Request

tg.socdm.com

DNS Request

tg.socdm.com

DNS Response

211.120.53.204

124.146.153.164

211.120.53.202

124.146.153.163

211.120.53.205

124.146.153.169

124.146.153.167

124.146.153.165

211.120.53.201

124.146.153.166

124.146.153.168

124.146.153.160

211.120.53.203

211.120.53.200

211.120.53.206

124.146.153.162

124.146.153.161

124.146.153.170

DNS Response

211.120.53.202

124.146.153.162

124.146.153.164

124.146.153.169

211.120.53.201

124.146.153.170

211.120.53.204

124.146.153.167

211.120.53.206

124.146.153.160

211.120.53.200

124.146.153.161

124.146.153.165

211.120.53.205

124.146.153.163

211.120.53.203

124.146.153.166

124.146.153.168
8.8.8.8:53

secure-assets.rubiconproject.com

dns

msedge.exe

156 B
366 B
2
2

DNS Request

secure-assets.rubiconproject.com

DNS Request

secure-assets.rubiconproject.com

DNS Response

23.215.239.190

DNS Response

23.215.239.190
8.8.8.8:53

secure.adnxs.com

dns

msedge.exe

62 B
235 B
1
1

DNS Request

secure.adnxs.com

DNS Response

37.252.171.149

37.252.171.53

37.252.172.123

37.252.171.85

37.252.171.52

37.252.173.215

37.252.171.21
8.8.8.8:53

sync.srv.stackadapt.com

dns

msedge.exe

138 B
394 B
2
2

DNS Request

sync.srv.stackadapt.com

DNS Request

sync.srv.stackadapt.com

DNS Response

54.166.93.240

54.175.28.36

54.160.228.160

54.174.97.40

54.144.120.173

52.73.237.27

54.156.231.188

54.162.77.126

DNS Response

54.166.93.240

54.175.28.36

54.160.228.160

54.174.97.40

54.144.120.173

52.73.237.27

54.156.231.188

54.162.77.126
8.8.8.8:53

sync.ipredictive.com

dns

msedge.exe

132 B
388 B
2
2

DNS Request

sync.ipredictive.com

DNS Request

sync.ipredictive.com

DNS Response

52.71.44.145

52.87.49.60

54.144.94.27

52.70.187.13

52.44.255.182

54.166.159.113

54.158.243.155

54.159.66.10

DNS Response

54.144.94.27

54.166.159.113

54.158.243.155

52.44.255.182

52.70.187.13

52.44.19.224

54.159.66.10

54.158.64.147
8.8.8.8:53

b1sync.zemanta.com

dns

msedge.exe

128 B
327 B
2
2

DNS Request

b1sync.zemanta.com

DNS Request

b1sync.zemanta.com

DNS Response

64.74.236.95

DNS Response

64.202.112.159
8.8.8.8:53

ssbsync.smartadserver.com

dns

msedge.exe

142 B
756 B
2
2

DNS Request

ssbsync.smartadserver.com

DNS Request

ssbsync.smartadserver.com

DNS Response

81.17.55.109

89.149.192.244

89.149.192.196

89.149.192.76

81.17.55.122

89.149.192.245

89.149.192.197

81.17.55.170

81.17.55.171

81.17.55.108

89.149.192.75

81.17.55.123

DNS Response

81.17.55.109

89.149.192.244

89.149.192.196

89.149.192.76

81.17.55.122

89.149.192.245

89.149.192.197

81.17.55.170

81.17.55.171

81.17.55.108

89.149.192.75

81.17.55.123
8.8.8.8:53

eus.rubiconproject.com

dns

msedge.exe

136 B
165 B
2
1

DNS Request

eus.rubiconproject.com

DNS Request

eus.rubiconproject.com

DNS Response

2.17.5.216
8.8.8.8:53

109.55.17.81.in-addr.arpa

dns

142 B
134 B
2
1

DNS Request

109.55.17.81.in-addr.arpa

DNS Request

109.55.17.81.in-addr.arpa
8.8.8.8:53

149.171.252.37.in-addr.arpa

dns

73 B
134 B
1
1

DNS Request

149.171.252.37.in-addr.arpa
8.8.8.8:53

240.93.166.54.in-addr.arpa

dns

72 B
127 B
1
1

DNS Request

240.93.166.54.in-addr.arpa
8.8.8.8:53

204.53.120.211.in-addr.arpa

dns

73 B
132 B
1
1

DNS Request

204.53.120.211.in-addr.arpa
8.8.8.8:53

95.236.74.64.in-addr.arpa

dns

71 B
101 B
1
1

DNS Request

95.236.74.64.in-addr.arpa
8.8.8.8:53

198.233.247.34.in-addr.arpa

dns

73 B
137 B
1
1

DNS Request

198.233.247.34.in-addr.arpa
8.8.8.8:53

api.ipify.org

dns

UnbanMe.exe

118 B
214 B
2
2

DNS Request

api.ipify.org

DNS Request

api.ipify.org

DNS Response

172.67.74.152

104.26.12.205

104.26.13.205

DNS Response

172.67.74.152

104.26.13.205

104.26.12.205
8.8.8.8:53

152.74.67.172.in-addr.arpa

dns

144 B
134 B
2
1

DNS Request

152.74.67.172.in-addr.arpa

DNS Request

152.74.67.172.in-addr.arpa
8.8.8.8:53

27.73.42.20.in-addr.arpa

dns

140 B
312 B
2
2

DNS Request

27.73.42.20.in-addr.arpa

DNS Request

27.73.42.20.in-addr.arpa
8.8.8.8:53

ads.pubmatic.com

dns

msedge.exe

124 B
290 B
2
2

DNS Request

ads.pubmatic.com

DNS Request

ads.pubmatic.com

DNS Response

96.16.109.9

DNS Response

96.16.109.9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4d6e17218d9a99976d1a14c6f6944c96

SHA1
9e54a19d6c61d99ac8759c5f07b2f0d5faab447f

SHA256
32e343d2794af8bc6f2f7c905b5df11d53db4ad8922b92ad5e7cc9c856509d93

SHA512
3fa166b3e2d1236298d8dda7071a6fcf2bde283f181b8b0a07c0bb8ba756d6f55fa8a847ca5286d4dbabc6dace67e842a118866320ac01bd5f93cccd3a032e47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\6ef160a9-e4ea-4e09-87e9-777704fd9b3e.tmp

Filesize
5KB

MD5
ab66cba39d10115971e13b573305645e

SHA1
fd92cfb37c36ea8b41d6976a29febc2374b2db6c

SHA256
0475bf2ab7beb90818a1c923ceedf64d328f1071bd30ee6b4895737c1e6822f4

SHA512
2bb4e96a1f54b8b262d754027e82e94ee15e11e1235f19e188f527e87951078c2762b77bc131f81b6d24772bdd9b4e02a98231adda76f1a3b7159d02e696ba07

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
91KB

MD5
6da525a2a71789dd5c6cfe2e7159d21b

SHA1
f369f9f61577a6f4a4e249cada302d705d24bf4f

SHA256
0221311822d2336470fb6722a0b2cc15719642b069a822921736744ad107a926

SHA512
2f77a12fc5b1d048902daefca7b4813c074806d5ee49faeef57eea38fa95786ddbe8c3cfd73c41b5aca122effefb815a369d30ed66ffac3ad7df63d24e74aead

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
30KB

MD5
7808e0e4b7a714230373852158500533

SHA1
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c

SHA256
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054

SHA512
ff9896a0599d770d54b86a875ce98135c5aa077ff19f2be6e075146b8501d92b874361dc8701a18ef4c14ab5400a7a48c928e069e8f05c36d6f6a408b90664f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
124KB

MD5
136541ed5a617a3ece7e447b6b1d9bf6

SHA1
a8936a0e0e53a42e877cf0dd59184055b77c9fa0

SHA256
940a929e3538d170fc84169b976e4f52c1a01b66264a316797bc19a2fc94799d

SHA512
5ca950944410682a782658e3678e421b637c772c8054f4ee9079a1bda0dec4661c030564062522ea48208ff6e57cf476ffc6c79df8b0fc4a773b57893ad63fd0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
28KB

MD5
04378818418c43bc31e04cb29809eea4

SHA1
1b6ffe8ac3c9caa59e1246658dda944596e411a5

SHA256
0d0145d7bec937d967580cf5b681285036a3de9ed29a440a47b6fdb98dbf8457

SHA512
832917dad66820183763355a51d23598397dc7b4b23aac15dca95ef45998aac4db94f9a09fc209fb43bac2603a1d24e64ebdee29969e34a66cfd393b1284bf1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
136KB

MD5
9174e0bf41ae55e427f491139b73d70a

SHA1
0d7446e86cc72bc514d282bb8f0a730ade0c4f39

SHA256
378e3bb7735e8f3cbece7db82211689b1333bae0348bcac42a893bf43b020749

SHA512
447b3c754ab99e54ad37ae993ae36ffe40b62908985cbd96d3fe1d049073fcc07182dccf87464a6a06d615e9d8b0772fc59e198485acb9e746093cfce6cc59ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
73KB

MD5
b8e270464e9be32f82becf211dfbd948

SHA1
ffa213c4bc84d3be93cdae30259eae9cd3ac0e3d

SHA256
d156b5e2824f93537a7a602d96457634ccb1e8df7c5d81a74b6eee8e550cc8a9

SHA512
c06443682511814d4e9c02d571508abc93e799c8181410cc20e719c29b3d8f0807ce4b86439a66dcc91fe20a91e66daf28794fca06f270012ee415f2b4fe49d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
25KB

MD5
b6eabce1ca89cd9c4e328e8455199cd8

SHA1
0d450470d87a56363122763f46042cb5e20a44d3

SHA256
22b546aafc021b918993b28bca3ccbb89e54d3a93d8d77d2410c3b0668ba3888

SHA512
2cd44882a133e7dab8fd859a900d864431fba074f82a0f709809b203884fbab9ef5d6ac6a46e08d5b6ed50cc02c12934c3aefdec4cd6e1fea797ef0b0fac7688

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
25KB

MD5
c0cf3ee0d8e9c832cbeafbee996bed47

SHA1
15d36c5263f4a999e8c2f6626a979540dff85ff5

SHA256
c210000720eff4a9cc08da70cfe3120e13e222664f8dc9a7c277bbd2e56ba6b6

SHA512
bc97fc0d6bcbc55f5663ec12aef8642f1f4b23ee818ba13c4fe35d593443c51327e14226ac957895bb6f9b2f79bbac7cfb6a487ae972f4cfc5a454303bf8196c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
34KB

MD5
66364083710acc713ffdecd80d4e873e

SHA1
9d6e24d62a8b13cde95625c2c3495653a812b3bf

SHA256
0cc13fb1ab422eb3a841261e5fbbe9b96ddcd7ed3a6200f8d0a6a856d8c7fe63

SHA512
e74d9ab3e5676684d5c10cdae8de47d7d25e8a155a9a50f2d55e7a6018d040a5bb0971174727171ec4b7f99cd4ac2659b2d533a9152db4720bddbab973053f5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
5860b6a75e46eccc7a3b754d7a183bb1

SHA1
a111fb9eb8df60cf4bd6de962d9088849be1199a

SHA256
7e6fb393fcc40f7efaac47b2aa2b6c33feb03d48463b37df1907238ae7472d3a

SHA512
ed88f61b698249ba4f56d44c63a5c7c740ae7dd93cd748a06bd3b7686724db9344d51285c8f35edc71a71dc1b6215d013041bf02efe6fa774c7af9c020b3e83e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
9KB

MD5
48ec419098197fbafe14f4607cd4b734

SHA1
4279e1c2b8747aa5ed62e050d905d153bc359391

SHA256
ebd4ec3f9591081bac97908fa3e136cd88fa9e15ab1f3979c1e0ada8dea89d0f

SHA512
ae67b47a532ce16d78c99146419f6cb1d6f791f93a646d905feb916c2bd357b91bb03a2f4b9b612d5c157c1ae40c2cd939fc670d3a1e3ff7dd8ef2e4d8bf8069

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
9KB

MD5
84fb9ebb21fc32e3b5d1f69b5e8e3ef0

SHA1
9917665507ae063d3955afadbe047e6a53a68f31

SHA256
7af430957d9017b225b0611e138d9d70e05b17e5a69f18d4450f639896cd47c1

SHA512
a2faa95171be975ae830fe9a92a338c01bc1c00bcd4ece906d9c45945aa4fa4234ed8d983ce7b4e91378a295e175b2549c86a221407952929958a0e5fb81747b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
35cf524331f116e914250dbe9d6fdd47

SHA1
a3f288e2366a8c750590258645a0f32a713d373c

SHA256
9682834bbcdc55db70e67b16ec66aea44ea3222774cfe387b109a0e4b479b89e

SHA512
9e03979c6ee0740bd6113b9b9262e2e29f8a61d312adfa3f49f6c7126a0ea5ad9f2b9b524a12ee4a700460f1f32a373c9946601a897d04a81cb2ca68c735729a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
296bde434ac6ed986b4984054ffc6a0f

SHA1
541432df224611b973dc997a22e10caab06da677

SHA256
20e138f833b171e9f49341548cebd7b897831be2d82a9954402eca9480f2439c

SHA512
487acaa373bc3511525e006aae88ef987cb831720310a0404ebae56dfa82141b70cf7ee46919f1fe38ae6940bd849a69ff756a724a8595eaa1b326e72928b399

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
ed3afe85bc45a2a7d8573e8739fae3f8

SHA1
48f6ac1db9dd8abb67a3086edf6440b1fcf61679

SHA256
c7dbd2a816c93a476aadd9846418c7bbfea0d848bdccaa83de7e6ba3b07677d6

SHA512
02f92220865ca63984c4e6f25e7d0fd3ef2a9958e15080391aca08d665af1d119eb2223af145ec8dd3af090749fd38b7ab6c0809a322bae6286debdc28a5c184

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
21252e7a2d09445f54f3e5dcc01bee69

SHA1
81109dba5e608018274486da207c88908dddb15a

SHA256
4532217af194a98888c40ce5eed33aa9c2946f67d3d86be5010c42db4a026893

SHA512
eb7949e93c0468c1cc1f2800be52b38f3c4b52e660cf8fb68ef6fa2dabc922d964127fa83c18bae544b5c5872d5c1459d264f2c77a3f1b17b8906e8e7761ab67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
14KB

MD5
9a66c029c193f532f7c8b2d1a81dab83

SHA1
31b4ccadd40cfc1c10a97a74cf4844f84600d50a

SHA256
46a107f4afb94ac81deae6b670b82aec63139b330b2d73f0d026d513a68d4f25

SHA512
9452fd16b9f16b11e959e781e4251ed0f5f2b15d5585472407c4a46649c544b712f82de03381bc8a5b78bdaeab2ee41eabf2ace561fbc7260f07632f2b8d06d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
c2ef1d773c3f6f230cedf469f7e34059

SHA1
e410764405adcfead3338c8d0b29371fd1a3f292

SHA256
185450d538a894e4dcf55b428f506f3d7baa86664fbbc67afd6c255b65178521

SHA512
2ef93803da4d630916bed75d678382fd1c72bff1700a1a72e2612431c6d5e11410ced4eaf522b388028aeadb08e8a77513e16594e6ab081f6d6203e4caa7d549

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1ba000ec2cec543c4e27228d4cd4aef8ae1e8408\7dfd6da9-6ff9-4c54-9e84-9dd30ca35bb6\index-dir\the-real-index

Filesize
72B

MD5
e38bfbf6059e14d17d06970658c44524

SHA1
236f998cf2df08793193f4a2c7021f0d47dc6560

SHA256
cd80af7c5b788d442a75111be16eecc805caaff1df9b7e4378396830a5617b35

SHA512
8ad6d1325cbd569533b3defd5631c7712e06b8989c22c30f6bdc9df79c68dc0a4b42140889468058f909b44a0c7fa2e331f8ca132b765f0ec61426457aacfbeb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1ba000ec2cec543c4e27228d4cd4aef8ae1e8408\7dfd6da9-6ff9-4c54-9e84-9dd30ca35bb6\index-dir\the-real-index

Filesize
72B

MD5
c5a0b2e2e7bfcd845ba1f73849e72724

SHA1
9a5b51238f826e9553ce215efd23b4b8777d3268

SHA256
9aea3a3ef726491dcae50fd6dec0383be8a04ce0fa6e76fa68a42938b0387ef2

SHA512
0af8fe77d1327380753f38946a98019f8c4065894509a1d83cfc61b0f17d92980c523165836bfa5f634ec390b95c9d29f1af32636576bd11e3eed13687fc915d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1ba000ec2cec543c4e27228d4cd4aef8ae1e8408\7dfd6da9-6ff9-4c54-9e84-9dd30ca35bb6\index-dir\the-real-index

Filesize
72B

MD5
e0cf575e6710ceda749c6cbc15f4ab8a

SHA1
402542a8512f6fefffe3d75cc4fcd0bc7a16ddd3

SHA256
647f83fb753a86c95c50df8d46d39a5bfc63e391faf179ea42e61ea47409618d

SHA512
ce2cf4d6267dd1447e53f7658b6fd1f54ad354787e220d8f575f6afda58e0b0556a7c8e7a33b96e3e0a72d672a23878a9f9f063ce8184715d780fd96c4a333e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1ba000ec2cec543c4e27228d4cd4aef8ae1e8408\7dfd6da9-6ff9-4c54-9e84-9dd30ca35bb6\index-dir\the-real-index~RFe585fbf.TMP

Filesize
48B

MD5
92c17737da7816c3fe7cfb4227408d75

SHA1
f93599786ef4e2c8496f0ea7096d97004c0857b9

SHA256
45acb0f4bc9be4594a610a629237173850b31825f145e7d00df437ef8087a413

SHA512
bb476d47f31c4e19d339457d3b9f91a20336be3d6907a8b803371b6d8dd116e20216750617466043634f7dd37848b6217f1b50ddefc5c9eade0654b0418d71cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1ba000ec2cec543c4e27228d4cd4aef8ae1e8408\index.txt

Filesize
70B

MD5
bfc6a5773d77b40335af6199b55b7bf8

SHA1
0889c64a7b82bdfbf9b7ddcfdedcca3a6284974c

SHA256
e5c53b114e47127bba60299ff9bed3e6d6078ee387d126c116017c73d7b60227

SHA512
391c635049cac800b3130cf4e849fc50a23455ab2397c6b7e05fa410d633249f756d82fee3af74985f4d69b17583d63796d989a303221e44aab11f65d83a42ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1ba000ec2cec543c4e27228d4cd4aef8ae1e8408\index.txt

Filesize
76B

MD5
750eeb45c2d03ea2034bad8c56044b1a

SHA1
f05e1053930fde0fce3eda9800e7808e9c09c49e

SHA256
63cad804881cb707c65f4832d4a7eec0d75219f00334c52ffafc2375909b034b

SHA512
d4cabf8bb84f14abf865a3fdb2b01a9e539a1f8de35306553dc87d57fbe1cb0bf53ba601c2f5eff2670157ea55d8f0529e9f1e7346292bb4c5d01c4291dcb0ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

Filesize
5KB

MD5
ffed70fcbf6fa023eb26227eff6dbcd4

SHA1
455564b5ee1ea6151463d08ad7b79b16f6ea10f8

SHA256
8e5f4cc51b226fe679862d58e01d07c090e36107173748616f21ff1213b659eb

SHA512
68d7177c45ff7d1187f703ac5f0a4ab87ec444a46319217619e288bd5f0b04aa0d28d53623904d44ca6a6177c4f4c526c5a8d534cdc5596ca17b8f6d852cc4fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

Filesize
3KB

MD5
e722c8404be4880466936b762dc40ff9

SHA1
9ad258f7eb7763adbcb1917e72a8a4db4a89071c

SHA256
2ca5f4289eb207f49ca081edf7f49277570765788d46576323793fb9e1013a5e

SHA512
2c86b61586a602c5fa7269381a81b709136e66697cc71764d86697b2c42da6e5bd2a71d8cccec017e2e90b5120e2eecb20584fb02fb7eb0e4824fc71652b82fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
58b138b171b35905fb03884460163527

SHA1
9699c5cca9924181105c207e295e9d0a4dd20315

SHA256
d6aeba31ec31885672d63046eb4c2920a121d5d5053d87d592c253a2612ff787

SHA512
69db0b5f799bffe1e6ba90d231db77d61729270bd86d4fc8d0f5933de5ac1ef852e427b952dc319589d6eab45494657b6aafcd11df5a0c150ab9790c0349482b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58557e.TMP

Filesize
48B

MD5
2033ca8c33c723da0bb9396ccafc036e

SHA1
67c0d12f07d39fed4e6e59f7609ea7cbbc8da475

SHA256
c9ec4028066628f252f4d89c061295e103f824bc335c59f231f93ac7a101dc8e

SHA512
48ab6e8e62ffa51e2299111998d2049d699942f20f15106332aa3bbb29fe69556bfd8a97974a0fd0a5aa031b607255ac2a075ba86c867c6825684237686ffd82

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
bbb0581e046b16b37440e73e4cc5d870

SHA1
5e4ec805a9471b00ea169d825c7c5de75c6ba71c

SHA256
80d68f40bfda0a74a1d7f5727eff8802847f31eaff24f51bf1f13a205965c01f

SHA512
142df43e3f7b180e8f4642c68f248df7081aed4ae3c40ac3ed0b3bcf4088333c92d50ab1fdfe4e273b95984e0af352e6bcf3ecf1b9ea2302b5ee0aff93ca1568

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
b7c22344fb47dc43e54824ac9d5e607a

SHA1
70c3fcbc39aa75fb118b2d2e14f1d87f1c9f2f00

SHA256
37dddfd4f72d4eb02b794c47313cacdf76cab8c1ae15ff2b86e3c674ea4b180d

SHA512
4efc4ec59608ac4858ae323e1e88a24c6e8d7b132caba33356d8703452cdbbf6c15e8aa95a249d8a3b0896b3a6896ddfa2f24901a016cb04f1a0000053fd9b21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
94e9e62828c5b29b9cd85b75430770c0

SHA1
edad05872feae04ce1e0d23967f083c74ca2afb9

SHA256
3a4500a4f6a3cc2d72f7f492c8ec2450a6aa550a0f8f4d7f74d590d3d918907f

SHA512
64acd6ca8a612c4f94bef2d15e1e899df6423d56f13a89d50b5fffc1a13a278ebea2734d415a11a15b76ccdf4d3a54ba7124999c7f930d6db86343a71d4022a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f042571d074aef0692726cf88f4be902

SHA1
1d0ac83800f6eb8f3d80db3510bb465a095414e0

SHA256
8413d62ab907c611ca006a6b71e7e6dacdb7d28a1f1b006d8761b3adcbdd8694

SHA512
91b415ad117d823fdff1bb60dae2f89d7beb3eba5140727e7a19043bed625d1d92b6e45aab7fdb97c7010adf7d0b8d7cb033170bf62fb543345370682a4ba162

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
a83894e8cc6377960c8d6b4763ea9da0

SHA1
5c81ebe371d4fdb0871ae42aa6e04456e18c94dc

SHA256
8d9ceefbd8fd9e492b4a4d8bb14e2c968e898880ec7b80bf03c6d82a96167a40

SHA512
b511bc87071a8b17df4ef6b11f153eb8a103b827caa4cd4757d17dc6e3d86b15f010c1d602c94c43c9293ea03b8099ddb6dc87593466889eea236f5da0783089

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
cb6f19f8ac67cc54ef5b21892aa68a28

SHA1
578f331500b4d5077706191e9efecc195968c650

SHA256
13c56f380f01a9e8a3d3ddb9cda2ecf047e231391d0b6fc1fad7a9f7215c9037

SHA512
69918306aa35744c2522158adcd4acfe5f2f95a3d6ca750f4994435e0e9ff82cbfec900edb30bd20cf5b04840933aa2d3880d70e81151014e9c3bd259a20be81

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
91ebd199c9870d3f260534887e2fafa1

SHA1
3c6f04ecb389bb7011ede5ef002136e7ee1c04b7

SHA256
f8147b8118ee4348f63331f8490f126eb20722ccd1421d376dcfc7bbdc7f186a

SHA512
077c95f4513db5aa3b444f2e7c6792afd9e8fca61ef85522fb8eb645057d4ea6d856241a3c07b92bceb62f8f014207025ea56709ef500aa804274978b19bcd62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
54de576ba950c559042119fa7eabd858

SHA1
f95d78c84eb72c3864fba2d0ac59e81f9536b991

SHA256
ee3b7a4a2aefde4625b611a2c15b2ec17734d2323e3eef81e1c7a1122739f634

SHA512
30400c7d901ace01edb840b1688e000921734a5e67726e5b7524e91bc78cb4d5bffad8bed76e5547858672ab7918c87aac7b9273c97c4d251d3233db1cd89274

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57b92e.TMP

Filesize
1KB

MD5
d09f9727af614240256d39d4ea13b30e

SHA1
03a961d5ae90d2657eb8a32e911e0a80774eb6fa

SHA256
ed65460f30752c5939e055d4d2a14eb6299e7b33f2839ba2fb7e15ea462d4095

SHA512
4843bef356b29f8b3df79060f14b6ce91af1c3fc93f4b4b4a69518ba0844fdc6d64d52bf6dbfd79aa9bbabe548693459a8ac919354429c959794dc40b38ab953

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
bc6cba64664a64c447d39588a47bbd04

SHA1
e4169de145843d25f11b4325c2deafa53e31ea54

SHA256
a82c43aaf546966deaf3353e454d82632b65ade1a35815b5398144c9dc215d8a

SHA512
a88340315b1f2e7ab9568a129ea9e3589c9609e99553aaa25f4734cecf2e2f48a6596eb35ee9d844129bc6c81be8d081bb6b02ae0cad3fb5c5f1d6062beebd06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
7fe32174232c0c37eba113fb136a488c

SHA1
2e8c74d4ad1b457caf850f5cf004cbc59b408c55

SHA256
f427bfa8f48d85169d3442dff9f4ebfa9e8d6deab183df6e2ee3e250d04d9a62

SHA512
494b07df345bb816ac5ad3f8fda1c62b7dd4dd0c1b151aa0e3508492e16be3af8fce0256bc53d4e2fde1636250d817020c6793818c7b1af4043f384a35e13842

Download Submit
C:\Users\Admin\Downloads\UnbanMe_[unknowncheats.me]_\UnbanMe\5431d988.exe

Filesize
140KB

MD5
bb1ad21ff22b5c5a119029ff404b2b73

SHA1
8ede218382c074f272dfaacbddc7bfe8de93139e

SHA256
f57213211f76cfa293dc38a886b62283bf97b79cd6df4610e779295382a0d399

SHA512
5e59c3eaac37829fb88133c909afdc760427ce8063c801e9b3fa38ff36d1dfa4b1fa3b5e7cadec8f69dc41748f805c34bf657d7be9c2a35970eb76cf6a7e4386

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 468590.crdownload

Filesize
564KB

MD5
73641a1a0c4e7ec7f3efbeda80214784

SHA1
cabeb693c99048cdb20668c723797f8edb2dd5e7

SHA256
fb73d82fd14f66605d94ccff65fcb6380f166ab930f3032b20b43c9f9f601443

SHA512
0eeea40df82168df7593c86f141808b1ad7fd7e32b68119a712786336473ccb313702069b0fea0169cd94bb137cfcc38dde69e18825c4aa89cbbc29f237fe0f3

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request