ref-lek-ti-one-rom-val.blog Open in urlscan Pro
192.0.78.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ref-lek-ti-one-rom-val.blog/
Effective URL:
https://ref-lek-ti-one-rom-val.blog/
Submission Tags: @phish_report
Submission: On January 29 via api (January 29th 2024, 8:50:31 pm UTC) from FI — Scanned from NZ

Summary HTTP 146 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 47 IPs in 9 countries across 51 domains to perform 146 HTTP transactions. The main IP is 192.0.78.25, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is ref-lek-ti-one-rom-val.blog.
TLS certificate: Issued by R3 on January 29th 2024. Valid for: 3 months.

This is the only time ref-lek-ti-one-rom-val.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	192.0.78.25 192.0.78.25	2635 (AUTOMATTIC) (AUTOMATTIC)
18	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
1	23.55.38.27 23.55.38.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
23	184.169.159.105 184.169.159.105	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4006:809::2008	15169 (GOOGLE) (GOOGLE)
1	192.0.78.22 192.0.78.22	2635 (AUTOMATTIC) (AUTOMATTIC)
3 5	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
8	23.198.59.89 23.198.59.89	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.0.78.19 192.0.78.19	2635 (AUTOMATTIC) (AUTOMATTIC)
1	67.199.150.80 67.199.150.80	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	192.0.77.38 192.0.77.38	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	23.106.127.56 23.106.127.56	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
6 6	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 9	72.34.250.75 72.34.250.75	27630 (AS-XFERNET) (AS-XFERNET)
6 6	13.228.126.19 13.228.126.19	16509 (AMAZON-02) (AMAZON-02)
1 1	23.106.127.38 23.106.127.38	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 8	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
1 3	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
1	2606:2800:10c... 2606:2800:10c:84af:88cd:a4c9:e204:b71d	15133 (EDGECAST) (EDGECAST)
1 1	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
1 1	34.215.225.192 34.215.225.192	16509 (AMAZON-02) (AMAZON-02)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 7	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:208... 2600:9000:2083:cc00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.115.174.0 13.115.174.0	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
6	23.204.65.234 23.204.65.234	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.204.64.24 23.204.64.24	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.204.65.54 23.204.65.54	16625 (AKAMAI-AS) (AKAMAI-AS)
14 21	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.71.178.8 35.71.178.8	16509 (AMAZON-02) (AMAZON-02)
4 5	103.43.90.53 103.43.90.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	207.65.33.83 207.65.33.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 4	103.43.90.21 103.43.90.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2603:c020:400... 2603:c020:400d:3000:b5b3:7157:5b47:80e4	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	67.199.150.85 67.199.150.85	62713 (AS-PUBMATIC) (AS-PUBMATIC)
12	54.238.120.71 54.238.120.71	16509 (AMAZON-02) (AMAZON-02)
2 2	54.156.106.93 54.156.106.93	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.213.224.25 3.213.224.25	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2406:da18:929... 2406:da18:929:5a01:91d6:7dd1:d2a5:7023	16509 (AMAZON-02) (AMAZON-02)
2 2	52.71.215.193 52.71.215.193	14618 (AMAZON-AES) (AMAZON-AES)
1	8.18.47.7 8.18.47.7	398989 (DEEPINTENT) (DEEPINTENT)
2 2	64.202.112.127 64.202.112.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	74.214.196.131 74.214.196.131	19189 (PULSEPOINT) (PULSEPOINT)
1 1	23.106.127.164 23.106.127.164	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1 2	185.84.60.20 185.84.60.20	198622 (ADFORM) (ADFORM)
3 8	172.217.24.34 172.217.24.34	15169 (GOOGLE) (GOOGLE)
1 1	211.120.53.202 211.120.53.202	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
4 4	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	104.68.31.231 104.68.31.231	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	198.8.71.131 198.8.71.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
2 3	54.145.188.191 54.145.188.191	14618 (AMAZON-AES) (AMAZON-AES)
1	34.111.79.67 34.111.79.67	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	34.117.239.71 34.117.239.71	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
2 4	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
2 3	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
2 2	54.95.222.155 54.95.222.155	16509 (AMAZON-02) (AMAZON-02)
1	52.76.134.18 52.76.134.18	16509 (AMAZON-02) (AMAZON-02)
1 2	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.1.240.138 23.1.240.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	35.201.67.47 35.201.67.47	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
146	47

2 192.0.78.25 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

ref-lek-ti-one-rom-val.blog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts-api.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.38.27 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-38-27.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 184.169.159.105 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-184-169-159-105.us-west-1.compute.amazonaws.com

s.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:809::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.22 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

public-api.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.95.98.65 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.198.59.89 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-59-89.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.19 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

r-login.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.150.80 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)

ut.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.38 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.56 (Singapore, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 15.197.193.217 (Seattle, United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 72.34.250.75 (Hemet, United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.228.126.19 (Singapore, Singapore) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.38 (Singapore, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 67.202.105.22 (Chicago, United States) 8 redirects

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.105.33 (Chicago, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hde.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:10c:84af:88cd:a4c9:e204:b71d (United States)

ASN15133 (EDGECAST, US)

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.31 (Chicago, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.225.192 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-225-192.us-west-2.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.213.12.39 (Tokyo, Japan) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2083:cc00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.115.174.0 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-174-0.ap-northeast-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.204.65.234 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-65-234.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.64.24 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-64-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.65.54 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-65-54.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 69.173.158.64 (Singapore, Singapore) 14 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.178.8 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.43.90.53 (Singapore, Singapore) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.33.83 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.43.90.21 (Singapore, Singapore) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:b5b3:7157:5b47:80e4 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.199.150.85 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.238.120.71 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.106.93 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-106-93.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.213.224.25 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-224-25.compute-1.amazonaws.com

qvdt3feo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:da18:929:5a01:91d6:7dd1:d2a5:7023 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.71.215.193 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-215-193.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.18.47.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.127 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.214.196.131 (Sunnyvale, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.164 (Singapore, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.20 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.24.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.120.53.202 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.90 (Amsterdam, Netherlands) 4 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.68.31.231 (Sydney, Australia) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-68-31-231.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.8.71.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.145.188.191 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-188-191.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.79.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.79.111.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.253 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com

events-ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.242 (United States) 1 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.24 (Chicago, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.125.22 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.95.222.155 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-222-155.ap-northeast-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.76.134.18 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-134-18.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.146.152 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.1.240.138 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-1-240-138.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	rubiconproject.com 17 redirects eus.rubiconproject.com — Cisco Umbrella Rank: 579 pixel.rubiconproject.com — Cisco Umbrella Rank: 381 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967 token.rubiconproject.com — Cisco Umbrella Rank: 477 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274	52 KB
24	pubmine.com s.pubmine.com — Cisco Umbrella Rank: 16700 c0.pubmine.com — Cisco Umbrella Rank: 35567	76 KB
23	wp.com s0.wp.com — Cisco Umbrella Rank: 8186 fonts-api.wp.com — Cisco Umbrella Rank: 16464 stats.wp.com — Cisco Umbrella Rank: 2723 fonts.wp.com — Cisco Umbrella Rank: 17444 pixel.wp.com — Cisco Umbrella Rank: 2679	776 KB
13	gumgum.com rtb.gumgum.com — Cisco Umbrella Rank: 1478 usersync.gumgum.com — Cisco Umbrella Rank: 1988	4 KB
13	33across.com 9 redirects ssc-cms.33across.com — Cisco Umbrella Rank: 901 events-ssc.33across.com — Cisco Umbrella Rank: 1615 dp1.33across.com — Cisco Umbrella Rank: 7249	6 KB
12	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 535 ut.pubmatic.com — Cisco Umbrella Rank: 7383 image6.pubmatic.com — Cisco Umbrella Rank: 805 simage4.pubmatic.com — Cisco Umbrella Rank: 1277	169 KB
10	adnxs.com 6 redirects acdn.adnxs.com — Cisco Umbrella Rank: 598 ib.adnxs.com — Cisco Umbrella Rank: 253 secure.adnxs.com — Cisco Umbrella Rank: 490	8 KB
9	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 976	8 KB
8	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 260	2 KB
8	yahoo.com 8 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 358 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	3 KB
7	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801 s.amazon-adsystem.com — Cisco Umbrella Rank: 326	5 KB
7	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 373	4 KB
6	openx.net 4 redirects u.openx.net — Cisco Umbrella Rank: 683 us-u.openx.net — Cisco Umbrella Rank: 524	1 KB
6	adsrvr.org 6 redirects match.adsrvr.org — Cisco Umbrella Rank: 357	2 KB
5	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 4213 t.skimresources.com — Cisco Umbrella Rank: 4334 r.skimresources.com — Cisco Umbrella Rank: 4122	20 KB
5	id5-sync.com 3 redirects id5-sync.com — Cisco Umbrella Rank: 425	5 KB
4	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	1 KB
4	creativecdn.com 4 redirects creativecdn.com — Cisco Umbrella Rank: 564	1 KB
4	tynt.com 2 redirects de.tynt.com — Cisco Umbrella Rank: 1526 hde.tynt.com — Cisco Umbrella Rank: 3986 ic.tynt.com — Cisco Umbrella Rank: 11236	7 KB
3	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	2 KB
3	smartadserver.com 3 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669 ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1724 ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	1 KB
2	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 1105	523 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 555	1 KB
2	sitescout.com 1 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 722	547 B
2	adform.net 1 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	contextweb.com 2 redirects bh.contextweb.com — Cisco Umbrella Rank: 523	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 626	1 KB
2	ipredictive.com 2 redirects sync.ipredictive.com — Cisco Umbrella Rank: 906	958 B
2	qvdt3feo.com 2 redirects qvdt3feo.com — Cisco Umbrella Rank: 4307	3 KB
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 730	395 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 412	886 B
2	technoratimedia.com 1 redirects ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 5647 sync.technoratimedia.com — Cisco Umbrella Rank: 1913	7 KB
2	casalemedia.com 1 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497	1 KB
2	wordpress.com public-api.wordpress.com — Cisco Umbrella Rank: 9533 r-login.wordpress.com — Cisco Umbrella Rank: 27867	821 B
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 570	17 KB
2	ref-lek-ti-one-rom-val.blog 1 redirects ref-lek-ti-one-rom-val.blog	22 KB
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 773	614 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 508	280 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 349	538 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1331	692 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1375	204 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 1217	506 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 841	736 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1525	837 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1026	44 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1376	305 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 709	12 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 662	497 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1482	712 B
1	omnitagjs.com 1 redirects visitor.omnitagjs.com — Cisco Umbrella Rank: 731	461 B
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 10545	37 KB
146	51

	Domain	Requested by
23	s.pubmine.com	ref-lek-ti-one-rom-val.blog c0.pubmine.com ssum-sec.casalemedia.com rtb.gumgum.com de.tynt.com hde.tynt.com
14	s0.wp.com	ref-lek-ti-one-rom-val.blog
12	usersync.gumgum.com	rtb.gumgum.com
12	pixel.rubiconproject.com	8 redirects ref-lek-ti-one-rom-val.blog
9	token.rubiconproject.com	6 redirects eus.rubiconproject.com
9	sync.go.sonobi.com	1 redirects c0.pubmine.com sync.go.sonobi.com
8	cm.g.doubleclick.net	3 redirects rtb.gumgum.com sync.go.sonobi.com ref-lek-ti-one-rom-val.blog
8	ssc-cms.33across.com	8 redirects
8	ads.pubmatic.com	s0.wp.com ads.pubmatic.com c0.pubmine.com rtb.gumgum.com simage4.pubmatic.com
7	x.bidswitch.net	4 redirects c0.pubmine.com rtb.gumgum.com sync.go.sonobi.com
6	eus.rubiconproject.com	c0.pubmine.com eus.rubiconproject.com rtb.gumgum.com de.tynt.com
6	ups.analytics.yahoo.com	6 redirects
6	match.adsrvr.org	6 redirects
5	ib.adnxs.com	4 redirects ref-lek-ti-one-rom-val.blog
5	id5-sync.com	3 redirects ced.sascdn.com ref-lek-ti-one-rom-val.blog
4	s.amazon-adsystem.com	2 redirects ref-lek-ti-one-rom-val.blog
4	pixel.tapad.com	2 redirects hde.tynt.com ref-lek-ti-one-rom-val.blog
4	events-ssc.33across.com	de.tynt.com us-u.openx.net
4	creativecdn.com	4 redirects
4	us-u.openx.net	3 redirects de.tynt.com
4	secure.adnxs.com	2 redirects ref-lek-ti-one-rom-val.blog hde.tynt.com
4	pixel.wp.com	ref-lek-ti-one-rom-val.blog
3	aax-eu.amazon-adsystem.com	2 redirects
3	dpm.demdex.net	2 redirects sync.go.sonobi.com
3	fonts.wp.com	fonts-api.wp.com
2	r.skimresources.com	s.skimresources.com
2	t.skimresources.com	s.skimresources.com
2	capi.connatix.com	1 redirects
2	match.prod.bidr.io	2 redirects
2	pixel-sync.sitescout.com	1 redirects de.tynt.com
2	secure-assets.rubiconproject.com	2 redirects
2	c1.adform.net	1 redirects rtb.gumgum.com
2	bh.contextweb.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	sync.ipredictive.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	qvdt3feo.com	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	simage4.pubmatic.com	ads.pubmatic.com
2	eb2.3lift.com	2 redirects
2	u.openx.net	1 redirects c0.pubmine.com
2	de.tynt.com	1 redirects c0.pubmine.com
2	ssum-sec.casalemedia.com	1 redirects c0.pubmine.com
2	ssl.google-analytics.com	ref-lek-ti-one-rom-val.blog ssl.google-analytics.com
2	ref-lek-ti-one-rom-val.blog	1 redirects
1	s.skimresources.com	c0.pubmine.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	hb.yahoo.net
1	match.sharethrough.com	ref-lek-ti-one-rom-val.blog
1	px.ads.linkedin.com	ref-lek-ti-one-rom-val.blog
1	dp1.33across.com	1 redirects
1	sync.mathtag.com	1 redirects
1	odr.mookie1.com	de.tynt.com
1	t.adx.opera.com	1 redirects
1	p.rfihub.com	1 redirects
1	tg.socdm.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	match.deepintent.com	rtb.gumgum.com
1	sync.technoratimedia.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	sync.teads.tv	c0.pubmine.com
1	contextual.media.net	c0.pubmine.com
1	acdn.adnxs.com	c0.pubmine.com
1	rtb.gumgum.com	c0.pubmine.com
1	s.ad.smaato.net	1 redirects
1	sync.inmobi.com	1 redirects
1	visitor.omnitagjs.com	1 redirects
1	ic.tynt.com	1 redirects
1	ad-cdn.technoratimedia.com	c0.pubmine.com
1	hde.tynt.com	c0.pubmine.com
1	ssbsync-global.smartadserver.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	c0.pubmine.com	ref-lek-ti-one-rom-val.blog
1	ut.pubmatic.com	ads.pubmatic.com
1	r-login.wordpress.com	ref-lek-ti-one-rom-val.blog
1	public-api.wordpress.com	ref-lek-ti-one-rom-val.blog
1	stats.wp.com	ref-lek-ti-one-rom-val.blog
1	ced.sascdn.com	ref-lek-ti-one-rom-val.blog
1	fonts-api.wp.com	ref-lek-ti-one-rom-val.blog
146	79

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
wordpress.com
reflektioneromval.wordpress.com
en.wordpress.com
subscribe.wordpress.com
automattic.com

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-14` - `2024-07-17`	a year	crt.sh
s.pubmine.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-02` - `2024-10-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.wordpress.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
c0.pubmine.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-04` - `2024-05-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
*.technoratimedia.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-15`	a year	crt.sh
jp-ad-exch-prd-two-eks.prd.eks.jp.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-08-31` - `2024-09-28`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2023-12-01` - `2025-01-01`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.ad-server.k8s.jp.ggops.com Amazon RSA 2048 M02	`2023-12-18` - `2025-01-16`	a year	crt.sh
events-ssc.33across.com GTS CA 1D4	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.skimresources.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-11-07`	a year	crt.sh

This page contains 39 frames:

Primary Page: https://ref-lek-ti-one-rom-val.blog/
Frame ID: BCD58952B916B42BAD508068AE270E65
Requests: 51 HTTP requests in this frame

Frame: https://r-login.wordpress.com/remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9yZWYtbGVrLXRpLW9uZS1yb20tdmFsLmJsb2c%3D&wpcomid=116229836&time=1706561420
Frame ID: 0E7F9A3EF0E6591B022EA375D32D79A7
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=13&external_user_id=4d30d4a0-0316-4953-b820-f61396106e9a&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=
Frame ID: DB99AD7C0D4FAD96E0D4E0B669273F52
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html
Frame ID: 81FBB76CEC678CAAD72B1F936DFF1135
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Frame ID: 2DD5E0466FD01F6FB341983FD4BFE067
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=27&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&external_user_id=y-lf_hXTdE2uHP6uZlRlweynt9M76IPENq1YAE9tM-~A&gdpr=0
Frame ID: 44DE4F281989F305C9819AC41A03097B
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=23&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=2350732139629937322
Frame ID: 0CDB283095847D7E0B0F1AF14DFF92A5
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D&gdpr=0&gdpr_consent=&s=197465&us_privacy=&C=1
Frame ID: 5A2EE77BE7C8F3F85069DB2A5A5BBA51
Requests: 2 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D&b=1
Frame ID: 0D812FB74B3650649E9BC1DDA62CADB3
Requests: 4 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%5BUSER_ID%5D
Frame ID: 8B76C733B1351257E002F1F03355E6BD
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D26%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Frame ID: BE3CAAF1444709C1621A95346228827A
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Frame ID: E8D0A731349CAAD56E58D52EF5C88457
Requests: 6 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=22&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=53ae31b4630b4509b188d93fcbe10a57
Frame ID: E11F287AC566CE8BC838CAA095BD5168
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=20&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ID5-a6a4R5765o4gt_5ynLs5_WXf9rHLFpFE3Qa1yz6pQA
Frame ID: 1ECA8038BEE67FB9EBDCBCD9C9E33419
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=18&external_user_id=&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=
Frame ID: 6A6CE6DABA1E93711C860383A6327DEB
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=29&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=e0208b8364
Frame ID: B2349EA22762640D8F1370C8E71D9CC6
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=15&external_user_id=y-y_Bcex1E2uHlIpDC2pNLAR0w.MVud0iB9cgGaoA-~A&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408
Frame ID: 9B526558AD1A13C4CC8A4BBBB6FDEDBA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Frame ID: B67DCFC9529C04B44BEAB34DFDFD4BAC
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: D4927FA59BD8901CB5487673A252F435
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156204&gdpr=0&gdpr_consent=
Frame ID: B520C4E6E33C6A3D34CC984D958F6E23
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D85339972147D0474B83221D4B78B7BC
Requests: 19 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Frame ID: 665345572D4F95A36D8C7BC12CFF0160
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: 29CC257241CBF7A048B98B8AECDE9729
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe
Frame ID: 068929F9AC057FCC7AF13F68959AB5B4
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 85266CCCBA78DA732517604AC4F2CA74
Requests: 1 HTTP requests in this frame

Frame: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156204&sc=1&u=A67F380D-5739-4F34-9320-78030CEE7CBB&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: A28D6B62F0677E217B2A65FF21B61360
Requests: 1 HTTP requests in this frame

Frame: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156204&sc=1&u=A67F380D-5739-4F34-9320-78030CEE7CBB&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 0D12BE8111E276C56DB94E5E872E2A68
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
Frame ID: B6F9517D65EB5ABB0B20C5D823DB62A0
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84ZTYzOTYwNy1jMDgzLTQ2ODEtYTFjOS0xNGQwMzc1YzBmN2I=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
Frame ID: 5F56A783B188A3E40BCDC141008C04A9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 42CE6B2F8A3DA971D421C52C1A62A1F8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=84aafd0b-0af4-4d9d-8b79-676c6031532d
Frame ID: 438C4644332BC44270329219551759F8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZbgPj8Co5ugAAGUQoXAAAAAA
Frame ID: 5F6CD876A48E7D1977F2699E506DE405
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=s2EP478xQhhTsFMTfaJP4Q605rU-9RipGOe9CawUtbA&pi=gumgum&tc=1
Frame ID: 33647756BC09D5F45415BF9070E74421
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 45ED89662C22A1196EFA34E03E72F425
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DA67F380D-5739-4F34-9320-78030CEE7CBB%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
Frame ID: 963BC58D949859E9AB3C8AD5E6BB5CAD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DA67F380D-5739-4F34-9320-78030CEE7CBB%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
Frame ID: 4840D64404407D06A25D60EA37D37DA3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: B9C093799A61C72FAA5F9DA8FC8856A8
Requests: 4 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: A34A4F0F6B4F6680EC55FDD2C7BAF774
Requests: 2 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5644972220771327
Frame ID: C87FD37FC49BFCE230CC656765DDB9F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

På nya äventyr – En resa genom främmande land

Page URL History Show full URLs

http://ref-lek-ti-one-rom-val.blog/ HTTP 301
https://ref-lek-ti-one-rom-val.blog/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

146
Requests

64 %
HTTPS

8 %
IPv6

51
Domains

79
Subdomains

47
IPs

9
Countries

1206 kB
Transfer

2444 kB
Size

85
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/watch?v=7zrGSAWyERM
Title: How to be a Great Game Master – 5 Secrets To Making an Awesome Adventure.

Search URL Search Domain Scan URL

URL: https://wordpress.com/?ref=footer_website
Title: Skapa en gratis webbplats eller blogg på WordPress.com.

Search URL Search Domain Scan URL

URL: https://wordpress.com/log-in?redirect_to=https%3A%2F%2Fr-login.wordpress.com%2Fremote-login.php%3Faction%3Dlink%26back%3Dhttps%253A%252F%252Fref-lek-ti-one-rom-val.blog%252F2020%252F08%252F01%252Fgoblin-kungen%252F
Title: Logga in nu.

Search URL Search Domain Scan URL

URL: https://reflektioneromval.wordpress.com/wp-admin/customize.php?url=https%3A%2F%2Freflektioneromval.wordpress.com%2F
Title: Anpassa

Search URL Search Domain Scan URL

URL: https://wordpress.com/start/
Title: Registrera

Search URL Search Domain Scan URL

URL: http://en.wordpress.com/abuse/?report_url=https://ref-lek-ti-one-rom-val.blog
Title: Rapportera detta innehåll

Search URL Search Domain Scan URL

URL: https://wordpress.com/read/feeds/95181640
Title: Visa webbplats i Inläggsvyn

Search URL Search Domain Scan URL

URL: https://subscribe.wordpress.com/
Title: Hantera prenumerationer

Search URL Search Domain Scan URL

URL: https://automattic.com/cookies/
Title: Cookie-policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ref-lek-ti-one-rom-val.blog/ HTTP 301
https://ref-lek-ti-one-rom-val.blog/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://id5-sync.com/i/102/8.gif?id5id=ID5*NUy7jglEvtOzFSgOZjE37dfTEpwJApePlDd-BVkQpSOALdkTYhF-wN_LIw7Zr-ZdgC5mjcIxqJCKLLsT5TFT-w&o=api&gdpr_consent=undefined&gdpr=0 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-a6a4R5765o4gt_5ynLs5_WXf9rHLFpFE3Qa1yz6pQA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/102/7/2.gif?puid=1006051374732706466&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=84aafd0b-0af4-4d9d-8b79-676c6031532d&ttl=%%TTL%%

Request Chain 34

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D13%26external_user_id%3D%5BUID%5D%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://s.pubmine.com/match?bidder_id=13&external_user_id=4d30d4a0-0316-4953-b820-f61396106e9a&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=

Request Chain 37

https://ups.analytics.yahoo.com/ups/58666/occ?uid=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58666/occ?uid=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://s.pubmine.com/match?bidder_id=27&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&external_user_id=y-lf_hXTdE2uHP6uZlRlweynt9M76IPENq1YAE9tM-~A&gdpr=0

Request Chain 38

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&US_privacy=&redirectUri=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D23%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D[ssb_sync_pid] HTTP 302
https://s.pubmine.com/match?bidder_id=23&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=2350732139629937322

Request Chain 39

https://ssum-sec.casalemedia.com/usermatch?s=197465&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D&gdpr=0&gdpr_consent=&s=197465&us_privacy=&C=1

Request Chain 40

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 302
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 307
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D&b=1

Request Chain 43

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz HTTP 307
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz

Request Chain 44

https://visitor.omnitagjs.com/visitor/bsync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D22%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D[BUYER_USERID] HTTP 307
https://s.pubmine.com/match?bidder_id=22&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=53ae31b4630b4509b188d93fcbe10a57

Request Chain 45

https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D20%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=&callback=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D20%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%7BID5UID%7D HTTP 302
https://s.pubmine.com/match?bidder_id=20&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ID5-a6a4R5765o4gt_5ynLs5_WXf9rHLFpFE3Qa1yz6pQA

Request Chain 46

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D18%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://s.pubmine.com/match?bidder_id=18&external_user_id=&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=

Request Chain 47

https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D29%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%24UID HTTP 302
https://s.pubmine.com/match?bidder_id=29&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=e0208b8364

Request Chain 48

https://ups.analytics.yahoo.com/ups/58366/occ?uid=4435b34d-7403-44d2-a649-cc1135ee9408 HTTP 302
https://ups.analytics.yahoo.com/ups/58366/occ?uid=4435b34d-7403-44d2-a649-cc1135ee9408&verify=true HTTP 302
https://s.pubmine.com/match?bidder_id=15&external_user_id=y-y_Bcex1E2uHlIpDC2pNLAR0w.MVud0iB9cgGaoA-~A&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408

Request Chain 54

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 59

https://pixel.rubiconproject.com/exchange/sync.php?p=18894&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://s.pubmine.com/match?bidder_id=14&external_user_id=LRZELXRL-1D-3W3N&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0

Request Chain 60

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D12%26external_user_id%3D%24UID%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D12%26external_user_id%3D%24UID%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://s.pubmine.com/match?bidder_id=12&external_user_id=603368634042752454944&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=

Request Chain 61

https://ib.adnxs.com/getuid?https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D10%26external_user_id%3D%24UID%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.pubmine.com%252Fmatch%253Fbidder_id%253D10%2526external_user_id%253D%2524UID%2526ssp_data%253D4435b34d-7403-44d2-a649-cc1135ee9408%2526rid%253D%2526us_privacy%253D%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://s.pubmine.com/match?bidder_id=10&external_user_id=983861297989771225&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=

Request Chain 62

https://x.bidswitch.net/sync?ssp=wordpress&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&user_id=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0&gdpr_consent= HTTP 302
https://s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0&gdpr_consent=

Request Chain 63

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D1%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 302
https://s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 64

https://ssc-cms.33across.com/ps/?ri=0010b00002CphGRAAZ&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://s.pubmine.com/match?bidder_id=6&external_user_id=212440406140821&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=

Request Chain 67

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Request Chain 71

https://sync.technoratimedia.com/services?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%5BUSER_ID%5D&srv=cs&att=99 HTTP 307
https://s.pubmine.com/match?bidder_id=30&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=GDPR

Request Chain 75

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=983861297989771225

Request Chain 77

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=14fa5110-6366-4174-8521-e9a57663e903

Request Chain 78

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://qvdt3feo.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-3f034712-633b-5c9e-600d-bf13af836540$ip$103.75.11.107

Request Chain 79

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-Imm6ag5E2pdeD1RHwBEauOSnGOKgsrBqYonm~A

Request Chain 80

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=013492e7-3182-4594-a1b9-0e05c56efc3f

Request Chain 82

https://b1sync.zemanta.com/usersync/gumgum/?puid=a_8e639607-c083-4681-a1c9-14d0375c0f7b&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=a_8e639607-c083-4681-a1c9-14d0375c0f7b&s=2&us_privacy= HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=C8qDO33Mo-ZerRQuGhw0&gdpr=0

Request Chain 83

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=ZnbPqM40z0xa&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

Request Chain 84

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=2159908696878776871

Request Chain 86

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84ZTYzOTYwNy1jMDgzLTQ2ODEtYTFjOS0xNGQwMzc1YzBmN2I=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84ZTYzOTYwNy1jMDgzLTQ2ODEtYTFjOS0xNGQwMzc1YzBmN2I=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=

Request Chain 89

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=ttd&i=84aafd0b-0af4-4d9d-8b79-676c6031532d

Request Chain 90

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZbgPj8Co5ugAAGUQoXAAAAAA

Request Chain 91

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=s2EP478xQhhTsFMTfaJP4Q605rU-9RipGOe9CawUtbA&pi=gumgum&tc=1

Request Chain 92

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 94

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us.gif?nw=td&nuid=84aafd0b-0af4-4d9d-8b79-676c6031532d&pubid=

Request Chain 95

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=4545175990075894257

Request Chain 96

https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
https://qvdt3feo.com/sync?nid=286 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=st&nuid=PwNHEmM7XJ5gDb8Tr4NlQGdLC2s

Request Chain 97

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=5d7bb849-d82a-4a41-a827-2b0111b53556&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=eVlLT2lxUm1iMHZRR29mRm5BamkyZw&gdpr=&gdpr_consent=

Request Chain 98

https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=s2EP478xQhhTsFMTfaJP4Q605rU-9RipGOe9CawUtbA&pi=sonobi&tc=1

Request Chain 99

https://t.adx.opera.com/pub/sync?pubid=pub9935550313792 HTTP 302
https://sync.go.sonobi.com/us.gif?nuid=OPUd03a567f3c0142a6bf47f959f0620909&nw=oa

Request Chain 100

https://dpm.demdex.net/ibs:dpid=87880&dpuuid=5d7bb849-d82a-4a41-a827-2b0111b53556 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=5d7bb849-d82a-4a41-a827-2b0111b53556

Request Chain 101

https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=4618620154437102574

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NWQ3YmI4NDktZDgyYS00YTQxLWE4MjctMmIwMTExYjUzNTU2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm=&google_hm=NWQ3YmI4NDktZDgyYS00YTQxLWE4MjctMmIwMTExYjUzNTU2&google_tc= HTTP 302
https://sync.go.sonobi.com/usg.gif?google_error=3

Request Chain 107

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Request Chain 108

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561423498.6&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D

Request Chain 109

https://ssc-cms.33across.com/ps/?_=1706561423498.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X HTTP 302
https://s.pubmine.com/match?bidder_id=24&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=212441188476780

Request Chain 110

https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bf5f6494-5e64-4d36-97ff-caa5a872fb1d&ssp=the33across&gdpr=&gdpr_consent=

Request Chain 111

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561423498.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=557365b8-0f90-4600-b06e-cd18794bd505

Request Chain 112

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D

Request Chain 113

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561423498.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4618620154437102574

Request Chain 115

https://ssc-cms.33across.com/ps/?_=1706561423724.&ri=0010b00002CphGRAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 302
https://s.pubmine.com/match?bidder_id=6&external_user_id=212441188476780&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 116

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=FtT2L2W4D48tP33rW0QwCw%3D%3D&us_privacy=&random=1706561423724.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=FtT2L2W4D48tP33rW0QwCw%3D%3D&us_privacy=&random=1706561423724.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://dpm.demdex.net/ibs:dpid=540&dpuuid=285b4cda-b805-4183-a162-ce66ebe721f5&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D285b4cda-b805-4183-a162-ce66ebe721f5%252C%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=10958277533995031381769522495878219098&pt=285b4cda-b805-4183-a162-ce66ebe721f5%2C%2C

Request Chain 117

https://dp1.33across.com/ps/?pid=669&uid=FtT2L2W4D48tP33rW0QwCw%3D%3D&us_privacy=&random=1706561423724.3&pu=https%3A%2F%2Fref-lek-ti-one-rom-val.blog%2F HTTP 302
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212441188476780&seg_code=33x&random=1706561424

Request Chain 118

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/6mPaZd8b7NWef6KUzyiU2Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-AhSWFGpE2oLndBqQRTUsMtrwgeFEy2tuTrKqOQ--~A

Request Chain 120

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=g7-8lNTrSOa4ib_7C3X8wQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=g7-8lNTrSOa4ib_7C3X8wQ

Request Chain 121

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRZELXZX-1T-FYJI

Request Chain 122

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODJlYjE5YjhlNTRjMjM1ZGVkYjI3YTZhMWM0OTAwOTUyMWVhOTAwOA

Request Chain 123

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJaRUxYWlgtMVQtRllKSQ==

Request Chain 124

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=84aafd0b-0af4-4d9d-8b79-676c6031532d&gdpr=0&gdpr_consent=&expires=30

Request Chain 125

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LRZELXZX-1T-FYJI&ex=d-rubiconproject.com&status=ok

Request Chain 126

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=g2z-BDA-RcWd1QEZk2_fUw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=g2z-BDA-RcWd1QEZk2_fUw

Request Chain 127

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACjsk7LcB8AABQ90hT_OQ&expires=30

Request Chain 128

https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRZELXZX-1T-FYJI

Request Chain 129

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6adbf343-fb6d-4f1f-a3f2-a1c749cd108d&expires=30

Request Chain 130

https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRZELXZX-1T-FYJI

Request Chain 131

https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
https://capi.connatix.com/us/pixel?puid=LRZELXZX-1T-FYJI&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://capi.connatix.com/us/pixel?puid=LRZELXZX-1T-FYJI&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

Request Chain 132

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRZELXZX-1T-FYJI

Request Chain 133

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRZELXZX-1T-FYJI&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRZELXZX-1T-FYJI&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1GOV9XMnM1RTJ1R0c5d0NZQldIa1hvQlJJQl9BeS5nTn5B&ovsid=LRZELXZX-1T-FYJI&dpid=58160

Request Chain 136

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LRZELXZX-1T-FYJI HTTP 302
https://usersync.gumgum.com/usersync?b=mag&i=LRZELXZX-1T-FYJI

Request Chain 138

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LRZELXZX-1T-FYJI HTTP 302
https://ssc-cms.33across.com/ps/?xi=1&xu=LRZELXZX-1T-FYJI HTTP 302
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRZELXZX-1T-FYJI&ts=1706561425&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

146 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ref-lek-ti-one-rom-val.blog/
Redirect Chain

http://ref-lek-ti-one-rom-val.blog/
https://ref-lek-ti-one-rom-val.blog/

76 KB
22 KB

1183ms
446ms

Document
text/html

192.0.78.25
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://ref-lek-ti-one-rom-val.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.25 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c3a5165ca7cfe2156bdf923a180ee73fa4fe0ed030334ee1d688dedf53876600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 20:50:20 GMT
host-header: WordPress.com
link: <https://wp.me/7RGGM>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding accept, content-type, cookie
x-ac: 2.syd _bur MISS
x-hacker: Want root? Visit join.a8c.com/hacker and mention this header.

Redirect headers

Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 29 Jan 2024 20:50:19 GMT
Location: https://ref-lek-ti-one-rom-val.blog/
Server: nginx
X-ac: 2.syd _bur BYPASS

GET
H2 200 /
s0.wp.com/_static/ 5 KB
2 KB 212ms
68ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJyFjcsOQiEMRH9IrGjiY2H8ll5oCFoouS0h/r24ugsXbs+cmYHRXJBqVA0WluQa95SrwpA1YlQXGFVJIejGtOBq+0l28KcOiWVB/nFL38wcE5kC9ZnKK5NjHGBUGqPNY7U303fgUe7+cjj748nfrs8PkPxEqg==&cssminify=yes
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 02f9d88f20a2389ec219ac0d59cf9748d8f8f552a16d592494018a21a04efa70

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:50:20 GMT
content-encoding: br
x-ac: 2.syd _bur BYPASS
last-modified: Wed, 24 Jan 2024 19:06:57 GMT
server: nginx
etag: W/"65b15fd1-15a8"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Jan 2025 19:07:23 GMT

GET
H2 200 style.css
s0.wp.com/wp-content/plugins/gutenberg-core/v17.5.2/build/block-library/ 110 KB
15 KB 212ms
69ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/plugins/gutenberg-core/v17.5.2/build/block-library/style.css?m=1706122120i&cssminify=yes
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 9a900c75ff4b94ebc8ba82768df4345bb01390ef53ed59b933cae77d6cbd351f

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-minify-cache: hit
date: Mon, 29 Jan 2024 20:50:20 GMT
content-encoding: br
x-ac: 2.syd _bur BYPASS
x-minify: t
alt-svc: h3=":443"; ma=86400
x-nc: HIT syd 2
server: nginx
etag: W/113055-1706122140419.649
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 23 Jan 2025 22:34:31 GMT

GET
H2 200 /
s0.wp.com/_static/ 159 KB
17 KB 213ms
69ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJyVjV0OwiAQBi8kEKrR+mA8C4UN2br8hAVNby8mprEvGh8n+82semSB0VJzwGpmFcChAYIAsW4gk1mgCAJv7CIDRmmZd+qb3m+fvJFsivW1ydQ8Rla+dZygeDFRsrceg5qNvYn+NrUqfEGnuC4E/yeKqRg9/9BtemuD1KPUgjFkAlHgLg/KIdd1IdbQNVz0cdTjfhjOp/kJMmh7kg==&cssminify=yes
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 71df132c94f689f31822d47f4c4651b3639b7eb548a20bac80d9f30f686312a3

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:50:20 GMT
content-encoding: br
x-ac: 2.syd _bur BYPASS
last-modified: Fri, 19 May 2023 01:53:10 GMT
server: nginx
etag: W/"6466d686-27db3"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Tue, 22 Oct 2024 20:49:47 GMT

GET
H2 200 /
s0.wp.com/_static/ 369 B
676 B 349ms
206ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??/wp-content/mu-plugins/core-compat/wp-mediaelement.css,/wp-content/mu-plugins/wpcom-bbpress-premium-themes.css?m=1432920480j&cssminify=yes
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 9c83b89ab9d2677980617afacb833a74da3050a2d3d711176b500d7922e49ab5

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:50:20 GMT
x-ac: 2.syd _bur BYPASS
last-modified: Mon, 06 Dec 2021 05:28:46 GMT
server: nginx
etag: "61ad9f8e-171"
access-control-allow-methods: GET, HEAD
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 369
expires: Sun, 14 Apr 2024 13:36:53 GMT

GET
H2 200 /
s0.wp.com/_static/ 47 KB
10 KB 349ms
206ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??/wp-content/themes/pub/affinity/style.css,/wp-content/themes/pub/affinity/blocks.css?m=1566337076j&cssminify=yes
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 6550610a8b8c68c259d1b261e9d8eec342fbb65a1f8c74ba40a995aea363e4a5

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:50:20 GMT
content-encoding: br
x-ac: 2.syd _bur BYPASS
last-modified: Fri, 19 May 2023 03:01:34 GMT
server: nginx
etag: W/"6466e68e-bbd7"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Oct 2024 21:48:21 GMT

GET
H2 200 css
fonts-api.wp.com/ 13 KB
1 KB 407ms
264ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts-api.wp.com/css?family=Raleway%3A400%2C400italic%2C700%2C700italic%7CLora%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b958d10b8b3d47942c376576786aefa35104a54cb3470766386b5763eb63b1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: BYPASS syd 1
date: Mon, 29 Jan 2024 20:50:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0

GET
H2 200 /
s0.wp.com/_static/ 32 KB
17 KB 211ms
69ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJx9jsEKwjAQRH/IuFRa0YP4KZKGbdya7IZmQ+nfm4KHgOJtHswbBtZknLAiK8RiUiieOMOMmqx7fRiiCMOD2IFHxoWqkX/Ho8v5AM2oPjFihlRGsNNETLrBPpR1C2jW5CR+Oc0Rj2KCOKtUH7RgpmBp+acuOAbxNXqorQZ36R5v3fkydKdr3/fzG1ivYgo=&cssminify=yes
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 35dfb3e21acbb626befad4937c1162b219c250ed0f863fa65d9fb2c9f9c1dabe

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:50:20 GMT
content-encoding: br
x-ac: 2.syd _bur BYPASS
last-modified: Fri, 26 May 2023 19:31:02 GMT
server: nginx
etag: W/"647108f6-7e55"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Wed, 29 May 2024 16:44:00 GMT

GET
H2 200 global.css
s0.wp.com/wp-content/themes/h4/ 311 B
604 B 211ms
69ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/themes/h4/global.css?m=1420737423i&cssminify=yes
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 947d703f577549cbb0b1a4143f3b363ec9c7cf309587d5b12b87f0e64ff99db4

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-minify-cache: hit
x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:50:20 GMT
x-ac: 2.syd _bur BYPASS
server: nginx
x-minify: t
etag: W/471-1684465026935.076
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 311
expires: Thu, 30 May 2024 20:22:45 GMT

GET
H2 200 / Show response
s0.wp.com/_static/ 128 KB
43 KB 348ms
207ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJyFjs1OAzEMhF8IN1skVHFAPArKjxt5m9jBcbb07bsV3Qq4cBp55rPH7twgChuyubm7KoEKwuioPq8eEB9lN/cn95vTYtBUvi5bRhzLSNhv4fw5UC932VXifyGolNUb/oS3tjqglZGJ1x205uPpPq/PCm/ex4KcRJ0fJtWbUXzQCyWUpti7C4NKcoWCMzkhQ1BKGf82hiL50XkWTT51iMX3/v16rM0tzzcBFoacmq4n3uvb/jBN02H/8jrNV6qmgC4=
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 1284252c0fbd4c05cf335d0e9694befe652a1fee9b55433c14a7014ab9754950

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:50:20 GMT
content-encoding: br
x-ac: 2.syd _bur BYPASS
last-modified: Wed, 15 Nov 2023 18:06:43 GMT
server: nginx
etag: W/"655508b3-2018d"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Nov 2024 18:33:51 GMT

GET
BLOB 200
OK 246d7ff7-abaf-41c8-a3c7-e6fab1287fe4
https://ref-lek-ti-one-rom-val.blog/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ref-lek-ti-one-rom-val.blog/246d7ff7-abaf-41c8-a3c7-e6fab1287fe4
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 wpcom-gray-white.png
s0.wp.com/i/logo/ 8 KB
8 KB 209ms
70ms Image
image/png 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s0.wp.com/i/logo/wpcom-gray-white.png
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: c0e93b5ebf107af77d9e7d101d186b3b93e9d5ad4fbb6a74e2dea60173cc04f8

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:50:20 GMT
x-ac: 2.syd _bur MISS
last-modified: Fri, 19 May 2023 02:57:50 GMT
server: nginx
etag: "6466e5ae-200b"
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 8203
expires: Sat, 09 Nov 2024 15:08:24 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/3905/ 107 KB
37 KB 631ms
210ms Script
application/javascript 23.55.38.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/3905/smart.js
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.38.27 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-38-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 28725bb710c49bdbc2c33ae596fbd6d897715d2a8283c768f7ea29819406d9f9

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 37097
Expires: Mon, 29 Jan 2024 22:50:20 GMT

GET
H2 200 / Show response
s0.wp.com/_static/ 68 KB
20 KB 155ms
155ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJyVjsFOAzEMRH+I1C1CRRwQ3+ImTvBu4kRrh6V/T9oKtao40OvMvJmBtTlfxUgMDrkm13JPLAprXQIGdT6jKilMV0kLLraZ9Alu4NKvKIdEpkB9uHVmchlXMCoto9Gdft9jn1RGpvUDYIwsbEc4PbDzhbiMWMNEvxiLzz1c/nEZhuaKgcKmsPyVKahVluOt/c/lLt64ij6GCX5xwhP4GKczN5dZZher7+oif4+Cj/K+e93udy/Pb/vt9AMBPqYd
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: c1e19fc3e6904501de37c171da1f3747ed0dfccf0e02277e9f50e1153e4a6277

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:50:20 GMT
content-encoding: br
x-ac: 2.syd _bur BYPASS
last-modified: Thu, 25 Jan 2024 00:36:10 GMT
server: nginx
etag: W/"65b1acfa-110fc"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Sun, 26 Jan 2025 20:11:40 GMT

GET
H2 200 w.js Show response
stats.wp.com/ 12 KB
5 KB 210ms
68ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/w.js?67
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 79674b01741c3978417b6b9b4b98d125755e7bb468979d5cd593eac4b94cdb91

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-minify-cache: miss
x-nc: HIT syd
date: Mon, 29 Jan 2024 20:50:20 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/12827-1705538370071.9917
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Fri, 17 Jan 2025 00:39:37 GMT

GET
H/1.1 200
OK conf Show response
s.pubmine.com/ 8 KB
3 KB 1043ms
171ms Script
text/javascript 184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/conf?gdpr=0&pp.pt=0&pp.ht=0&pp.tn=affinity&pp.uloggedin=0&pp.amp=false&pp.consent=0&pp.gdpr_applies=false&pp.ad.label.text=Annonser&pp.ad.reportAd.text=Rapportera%20denna%20annons&pp.siteid=8982&pp.blogid=116229836&rid=1297532969793&ref=https%3A%2F%2Fref-lek-ti-one-rom-val.blog%2F&vp=1600x1200&cb=callback__lrzelvrm_1
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 202089342de87a37bfe8232e213d337b276253b318f9ffce0fc5f9fecf3f7020

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 553ms
152ms Script
text/javascript 2404:6800:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 19:17:21 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5580
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Mon, 29 Jan 2024 21:17:21 GMT

GET
H3 200 autumn.jpg
s0.wp.com/wp-content/themes/pub/affinity/assets/img/ 507 KB
507 KB 202ms
69ms Image
image/jpeg 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s0.wp.com/wp-content/themes/pub/affinity/assets/img/autumn.jpg
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 482557e9a36abd333794bc970936371d1e516a179f73fb5765f67af03c854e98

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:50:20 GMT
x-ac: 2.syd _bur MISS
last-modified: Mon, 06 Dec 2021 06:44:47 GMT
server: nginx
etag: "61adb15f-7eb07"
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 518919
expires: Sun, 14 Apr 2024 13:50:56 GMT

GET
H2 200 0QIvMX1D_JOuMwr7I_FMl_E.woff2
fonts.wp.com/s/lora/v32/ 35 KB
35 KB 72ms
69ms Font
font/woff2 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.wp.com/s/lora/v32/0QIvMX1D_JOuMwr7I_FMl_E.woff2

Requested by

Host: fonts-api.wp.com
URL: https://fonts-api.wp.com/css?family=Raleway%3A400%2C400italic%2C700%2C700italic%7CLora%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

963ef2b3b0a8b5db60d69df5814239c385bc4e8e8781c6c24bc7390457e1e6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts-api.wp.com/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:50:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Feb 2023 21:46:02 GMT
server: nginx
age: 352067
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 36036
x-xss-protection: 0

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.wp.com/s/raleway/v29/ 42 KB
43 KB 85ms
82ms Font
font/woff2 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.wp.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: fonts-api.wp.com
URL: https://fonts-api.wp.com/css?family=Raleway%3A400%2C400italic%2C700%2C700italic%7CLora%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

de87ef766937eaf5107ea3e9a2a378f39aa123abfc451de76e011f887be28b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts-api.wp.com/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:50:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2023 00:53:11 GMT
server: nginx
age: 14243
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 43448
x-xss-protection: 0

GET
H2 200 0QIhMX1D_JOuMw_LIftLtfOm8w.woff2
fonts.wp.com/s/lora/v32/ 38 KB
39 KB 72ms
69ms Font
font/woff2 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.wp.com/s/lora/v32/0QIhMX1D_JOuMw_LIftLtfOm8w.woff2

Requested by

Host: fonts-api.wp.com
URL: https://fonts-api.wp.com/css?family=Raleway%3A400%2C400italic%2C700%2C700italic%7CLora%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9da68a2041121bd70ba1224bd2240dea9ef6ca2e8a07d500c4d74d731c127f13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts-api.wp.com/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:50:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Feb 2023 21:46:04 GMT
server: nginx
age: 354126
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 39380
x-xss-protection: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 71ms
68ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_mobile_platforms=iphone&x_mobile_devices=iphone&baba=0.6861642135664843
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 20:50:21 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 70ms
68ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.9222315088060384
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 20:50:21 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 70ms
69ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?blog=116229836&v=wpcom&tz=1&user_id=0&subd=reflektioneromval&host=ref-lek-ti-one-rom-val.blog&ref=&rand=0.11653177366326406
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 20:50:21 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 70ms
69ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?crypt=UE5XaGUuOTlwaD85flAmcm1mcmZsaDhkV11YdWtpP0NsWnVkPS9sL0ViLndld3BmVVV5STAyWFEzVzJXZDcyU1V3aUFpRnkzJnhubFtPZUJ8TmJnOE9kWm9DWVQuY1FiaWkuUkVpMGNOSzh2OGVOLFYxZnV4RkFOUj1IZjVfaD9uenlXamMmODhBJTAzVzFSSEh8cysteklmR1VofjlLOVFhLUlNPzltUzZHUS0vbnJMP0dPLGY%2FU1VhfDkvLGlxbkQ%2FMFFORnY%2FS1l0Vi9GdGZ1ayxfenE1dG5rTlhqMy5PT2diVHlLWywuYnFySytlWFBVV3Y2YitUfHFWSWEwc0psYzdfdy00Li9yfE5lRjMrdTNwLFNwTjFxckVHSTJ6T0s%3D&v=wpcom-no-pv&rand=0.8259776992224852
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 20:50:21 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
s0.wp.com/wp-includes/js/ 18 KB
5 KB 71ms
70ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1677072837i&ver=6.5-alpha-57321
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:50:21 GMT
content-encoding: br
x-ac: 2.syd _bur MISS
last-modified: Fri, 19 May 2023 02:58:04 GMT
server: nginx
etag: W/"6466e5bc-4904"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Jan 2025 14:56:32 GMT

GET
H2 200 / Show response
public-api.wordpress.com/geo/ 136 B
367 B 362ms
218ms XHR
application/json 192.0.78.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://public-api.wordpress.com/geo/

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9b09fce25bd8c396410d60a125123e72e75042ce6a2637c23d647a26d47d10c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-hacker: Want root? Visit join.a8c.com/hacker and mention this header.
date: Mon, 29 Jan 2024 20:50:21 GMT
content-encoding: br
x-ac: 1.syd _bur BYPASS
strict-transport-security: max-age=31536000
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400

POST
H2 200 102.json Show response
id5-sync.com/g/v2/ 630 B
1 KB 967ms
322ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3905/smart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

820499f827121023aaa9f93a0abb0bea4c3a318737bd14689bb9c81cbc4afb2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ref-lek-ti-one-rom-val.blog
date: Mon, 29 Jan 2024 20:50:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/164116/11712/ 438 KB
141 KB 216ms
70ms Script
application/javascript 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/164116/11712/pwt.js
Requested by: Host: s0.wp.com
URL: https://s0.wp.com/_static/??-eJyVjsFOAzEMRH+I1C1CRRwQ3+ImTvBu4kRrh6V/T9oKtao40OvMvJmBtTlfxUgMDrkm13JPLAprXQIGdT6jKilMV0kLLraZ9Alu4NKvKIdEpkB9uHVmchlXMCoto9Gdft9jn1RGpvUDYIwsbEc4PbDzhbiMWMNEvxiLzz1c/nEZhuaKgcKmsPyVKahVluOt/c/lLt64ij6GCX5xwhP4GKczN5dZZher7+oif4+Cj/K+e93udy/Pb/vt9AMBPqYd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8664f6b61a5bdf0f339c1ef04532e924a52f6b77003c6fb47da16ab4a779d008

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:50:21 GMT
content-encoding: gzip
last-modified: Tue, 23 Jan 2024 18:00:56 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=110868
accept-ranges: bytes
content-length: 144238
expires: Wed, 31 Jan 2024 03:38:09 GMT

GET
H2 200 remote-login.php Show response
r-login.wordpress.com/ Frame 0E7F 229 B
454 B 401ms
253ms Document
text/html 192.0.78.19
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://r-login.wordpress.com/remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9yZWYtbGVrLXRpLW9uZS1yb20tdmFsLmJsb2c%3D&wpcomid=116229836&time=1706561420

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1b3ca133575b7b4eaba1afdd8eacb98be8605603d323360ae79b094d90710277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 20:50:21 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 1.syd _dfw MISS

POST
H2 200 __utm.gif Show response
ssl.google-analytics.com/j/ 1 B
215 B 250ms
249ms XHR
text/plain 2404:6800:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/j/__utm.gif?utmwv=5.7.2&utms=1&utmn=14240856&utmhn=ref-lek-ti-one-rom-val.blog&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=P%C3%A5%20nya%20%C3%A4ventyr%20%E2%80%93%20En%20resa%20genom%20fr%C3%A4mmande%20land&utmhid=797351758&utmr=-&utmp=%2F&utmht=1706561421436&utmac=UA-52447-2&utmcc=__utma%3D1.1332862310.1706561421.1706561421.1706561421.1%3B%2B__utmz%3D1.1706561421.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=265129157&utmredir=1&utmu=uhQAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: ssl.google-analytics.com
URL: https://ssl.google-analytics.com/ga.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ref-lek-ti-one-rom-val.blog
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 floors.json Show response
ads.pubmatic.com/AdServer/js/pwt/floors/164116/11712/ 186 B
566 B 209ms
69ms Fetch
application/json 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/floors/164116/11712/floors.json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/164116/11712/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 28f17848c3b64ee19d529aa7caeedd1e2a389837e1310fb74e6175a7ce5cb185

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
content-type: text/plain

Response headers

date: Mon, 29 Jan 2024 20:50:21 GMT
content-encoding: gzip
last-modified: Fri, 15 Dec 2023 16:05:33 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: application/json
cache-control: public, max-age=12554
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 159
expires: Tue, 30 Jan 2024 00:19:35 GMT

GET
H2 200 geo Show response
ut.pubmatic.com/ 12 B
93 B 481ms
157ms Fetch
application/json 67.199.150.80
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://ut.pubmatic.com/geo?pubid=164116
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/164116/11712/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.80 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 667bf42b6718c05fa0121720bc1d20d73e2a0e33a7d4df9c9255e0bc95beda86

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 20:43:58 GMT
cache-control: max-age=172800
content-length: 12
content-type: application/json

GET
H2 200 ata.js Show response
c0.pubmine.com/2.39.01695837358837/ 216 KB
58 KB 214ms
69ms Script
text/javascript 192.0.77.38
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.pubmine.com/2.39.01695837358837/ata.js

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.38 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c6f921178c04e85a2499b306b750c3404727a71e251c88d8d4b905aba13545ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Mon, 29 Jan 2024 20:50:22 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
last-modified: Wed, 27 Sep 2023 18:00:45 GMT
server: nginx
x-amz-cf-pop: LAX53-P1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400

GET
H2

404

264.gif
id5-sync.com/k/
Redirect Chain

https://id5-sync.com/i/102/8.gif?id5id=ID5*NUy7jglEvtOzFSgOZjE37dfTEpwJApePlDd-BVkQpSOALdkTYhF-wN_LIw7Zr-ZdgC5mjcIxqJCKLLsT5TFT-w&o=api&gdpr_consent=undefined&gdpr=0
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-a6a4R5765o4gt_5ynLs5_WXf9rHLFpFE3Qa1yz6pQA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_...
https://id5-sync.com/c/102/102/7/2.gif?puid=1006051374732706466&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=84aafd0b-0af4-4d9d-8b79-676c6031532d&ttl=%%TTL%%

43 B
43 B

319ms
319ms

Image
text/html

141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/k/264.gif?puid=84aafd0b-0af4-4d9d-8b79-676c6031532d&ttl=%%TTL%%

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:50:23 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: text/html;charset=utf-8

Redirect headers

location: https://id5-sync.com/k/264.gif?puid=84aafd0b-0af4-4d9d-8b79-676c6031532d&ttl=%%TTL%%
date: Mon, 29 Jan 2024 20:50:23 GMT
server: Kestrel
content-length: 199

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame DB99
Redirect Chain

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D13%26external_user_id%3D%5BUID%5D%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%...
https://s.pubmine.com/match?bidder_id=13&external_user_id=4d30d4a0-0316-4953-b820-f61396106e9a&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=

43 B
818 B

287ms
168ms

Document
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=13&external_user_id=4d30d4a0-0316-4953-b820-f61396106e9a&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:50:23 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-cache, no-store, private
Content-Length: 0
Content-Type: text/plain; charset=utf8
Date: Mon, 29 Jan 2024 20:50:22 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://s.pubmine.com/match?bidder_id=13&external_user_id=4d30d4a0-0316-4953-b820-f61396106e9a&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Server: sonobi-go
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-92
X-Xss-Protection: 0

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame 81FB 1 KB
1 KB 753ms
186ms Document
text/html 72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?

Requested by

Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

cda692c4f59ce9eccdff074cdee62a9fb02477d7bae319bbc3d3544606562e4a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, private
Content-Encoding: gzip
Content-Length: 616
Content-Type: text/html
Date: Mon, 29 Jan 2024 20:50:22 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Server: sonobi-go
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-84
X-Xss-Protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2DD5 16 KB
6 KB 70ms
70ms Document
text/html 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25478
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 29 Jan 2024 20:50:22 GMT
expires: Tue, 30 Jan 2024 03:55:00 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame 44DE
Redirect Chain

https://ups.analytics.yahoo.com/ups/58666/occ?uid=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58666/occ?uid=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0&gdpr_consent=&verify=true
https://s.pubmine.com/match?bidder_id=27&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&external_user_id=y-lf_hXTdE2uHP6uZlRlweynt9M76IPENq1YAE9tM-~A&gdpr=0

43 B
735 B

284ms
168ms

Document
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=27&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&external_user_id=y-lf_hXTdE2uHP6uZlRlweynt9M76IPENq1YAE9tM-~A&gdpr=0
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:50:23 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

age: 0
content-length: 0
date: Mon, 29 Jan 2024 20:50:22 GMT
location: https://s.pubmine.com/match?bidder_id=27&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&external_user_id=y-lf_hXTdE2uHP6uZlRlweynt9M76IPENq1YAE9tM-~A&gdpr=0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.94
strict-transport-security: max-age=31536000

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame 0CDB
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&US_privacy=&redirectUri=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D23%26ssp_data%3D4435b34d-7403-44d2-a649-c...
https://s.pubmine.com/match?bidder_id=23&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=2350732139629937322

43 B
768 B

275ms
168ms

Document
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=23&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=2350732139629937322
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:50:23 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

content-length: 0
date: Mon, 29 Jan 2024 20:50:22 GMT
location: https://s.pubmine.com/match?bidder_id=23&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=2350732139629937322

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 5A2E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=197465&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%...
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_conse...

295 B
483 B

181ms
180ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D&gdpr=0&gdpr_consent=&s=197465&us_privacy=&C=1
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea0ca7e2cf658b802e1dfa9c69b17fc6b701f22935c8d323382458b1798288a

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 84d458daf9d550c2-AKL
content-encoding: br
content-type: text/html
date: Mon, 29 Jan 2024 20:50:22 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKNc1SqQknwobUrPBoQzj5eFIsAxuK8du%2FU7zpS%2BQ71JJHpiIcr7vgJ08X3D95MC9nEeFoREFw3CvuGqmd%2BWN5zs5Dk%2B%2BCQtaC%2BgIV2seGJUluvxDVj1uX6ZzMnmbSgGk%2FtTlb6ocAGSvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 84d458d9dfb050c2-AKL
content-length: 0
date: Mon, 29 Jan 2024 20:50:22 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D&gdpr=0&gdpr_consent=&s=197465&us_privacy=&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRrbDh4L5GUx7E7s3Mz59UFEGsgDwtSZnm0JLZ77Q2bhBKEhNRsPaMw7cKkvOiBZDIf4ZOfZRHhWk9m9445Cr7rdAMDIlDAaLwRti3SnAbt5VzuNRd0i02hmytgGcHSINGwpC4Pin6SrQg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

/ Show response
hde.tynt.com/deb/ Frame 0D81
Redirect Chain

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-740...
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-a...
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-...

1 KB
2 KB

226ms
220ms

Document
text/html

67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D&b=1
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 5e2a013bec81adba8c4fa7ae3e4ff0d238a34b0e8ebe301d8b3866d1cdcbb326

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 1290
content-type: text/html
date: Mon, 29 Jan 2024 20:50:23 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

Redirect headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 0
date: Mon, 29 Jan 2024 20:50:22 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D&b=1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame 8B76 17 KB
7 KB 248ms
60ms Document
text/html 2606:2800:10c:84af:88cd:a4c9:e204:b71d
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%5BUSER_ID%5D
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:10c:84af:88cd:a4c9:e204:b71d , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E799) /
Resource Hash: 2bd27fb4cdd30b9b0c730e44a8ec482a49dbf95eaa5c3f399c816dfef9990beb

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age: 796
cache-control: max-age=900
content-encoding: gzip
content-length: 6048
content-md5: jpm9v92eYnJZrYEV0creyA==
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 20:50:22 GMT
etag: 84d4a6e5-3860-4103-9387-92737002d50d
expires: Mon, 29 Jan 2024 21:05:22 GMT
last-modified: Wed, 16 Aug 2023 20:56:04 GMT
opc-request-id: iad-1:Bnjmvu5i7Mv2VGU2R-TlzQ_yIz-hw2uNDSq-XhQEm6m6hJ7osHqF4g6k8X8HOUzc
server: ECAcc (nwa/E799)
storage-tier: Standard
vary: Accept-Encoding
version-id: ff6bccb1-2ffd-4aa2-bd14-9776592cc90b
x-api-id: native
x-cache: HIT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BE3C 16 KB
6 KB 70ms
69ms Document
text/html 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D26%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25478
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 29 Jan 2024 20:50:22 GMT
expires: Tue, 30 Jan 2024 03:55:00 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

/ Show response
de.tynt.com/deb/ Frame E8D0
Redirect Chain

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privac...
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_priva...

2 KB
3 KB

660ms
220ms

Document
text/html

67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 132f31fc74c7d18884c7c9163058e34a1d37acc7631232ea21baee9c3b90beaf

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 2242
content-type: text/html
date: Mon, 29 Jan 2024 20:50:23 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

Redirect headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
content-length: 171
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 20:50:22 GMT
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
location: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server: nginx/1.16.1

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame E11F
Redirect Chain

https://visitor.omnitagjs.com/visitor/bsync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D22%26ssp_da...
https://s.pubmine.com/match?bidder_id=22&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=53ae31b4630b4509b188d93fcbe10a57

43 B
677 B

258ms
169ms

Document
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=22&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=53ae31b4630b4509b188d93fcbe10a57
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:50:23 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 20:50:22 GMT
expires: 0
location: https://s.pubmine.com/match?bidder_id=22&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=53ae31b4630b4509b188d93fcbe10a57
p3p: CP="CAO PSA OUR"
pragma: no-cache
vary: Accept-Encoding
via: kong/2.8.3
x-content-type-options: nosniff
x-kong-proxy-latency: 0
x-kong-upstream-latency: 17

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame 1ECA
Redirect Chain

https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D20%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy...
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=&callback=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D20%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_priva...
https://s.pubmine.com/match?bidder_id=20&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ID5-a6a4R5765o4gt_5ynLs5_WXf9rHLFpFE3Qa1yz6pQA

43 B
1 KB

170ms
170ms

Document
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=20&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ID5-a6a4R5765o4gt_5ynLs5_WXf9rHLFpFE3Qa1yz6pQA
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:50:23 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

date: Mon, 29 Jan 2024 20:50:22 GMT
location: https://s.pubmine.com/match?bidder_id=20&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ID5-a6a4R5765o4gt_5ynLs5_WXf9rHLFpFE3Qa1yz6pQA
p3p: CP="CAO PSA OUR"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame 6A6C
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D18%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privac...
https://s.pubmine.com/match?bidder_id=18&external_user_id=&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=

43 B
286 B

265ms
169ms

Document
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=18&external_user_id=&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:50:23 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Mon, 29 Jan 2024 20:50:22 GMT
Location: https://s.pubmine.com/match?bidder_id=18&external_user_id=&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=
Server: nginx

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame B234
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D29%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent...
https://s.pubmine.com/match?bidder_id=29&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=e0208b8364

43 B
558 B

180ms
170ms

Document
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=29&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=e0208b8364
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:50:22 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

cache-control: no-cache, must-revalidate
content-length: 0
date: Mon, 29 Jan 2024 20:50:22 GMT
location: https://s.pubmine.com/match?bidder_id=29&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=e0208b8364
server: CloudFront
via: 1.1 fd2442d18add87f1fea3351cec311828.cloudfront.net (CloudFront)
x-amz-cf-id: XzoRxAEehBR-MoxlGrl_v3nYQq7xQIUKw_DDITVrF4msbrnE3n7rsw==
x-amz-cf-pop: SYD1-C1
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame 9B52
Redirect Chain

https://ups.analytics.yahoo.com/ups/58366/occ?uid=4435b34d-7403-44d2-a649-cc1135ee9408
https://ups.analytics.yahoo.com/ups/58366/occ?uid=4435b34d-7403-44d2-a649-cc1135ee9408&verify=true
https://s.pubmine.com/match?bidder_id=15&external_user_id=y-y_Bcex1E2uHlIpDC2pNLAR0w.MVud0iB9cgGaoA-~A&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408

43 B
631 B

205ms
168ms

Document
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=15&external_user_id=y-y_Bcex1E2uHlIpDC2pNLAR0w.MVud0iB9cgGaoA-~A&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:50:23 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

age: 0
content-length: 0
date: Mon, 29 Jan 2024 20:50:22 GMT
location: https://s.pubmine.com/match?bidder_id=15&external_user_id=y-y_Bcex1E2uHlIpDC2pNLAR0w.MVud0iB9cgGaoA-~A&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.94
strict-transport-security: max-age=31536000

GET
H2 200 prbds2s Show response
rtb.gumgum.com/usync/ Frame B67D 3 KB
1 KB 706ms
233ms Document
text/html 13.115.174.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.174.0 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-174-0.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 492e3360fd48e4ecce938c07d1c35d06b129661bd0be387adda08e077b64c77a

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 29 Jan 2024 20:50:22 GMT
etag: W/"037d1dc8329c1e042431048597df3e776"
server: nginx
timing-allow-origin: *

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame D492 995 B
1 KB 113ms
35ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 17534836
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 506
Content-Type: text/html
Date: Mon, 29 Jan 2024 20:50:22 GMT
ETag: W/"573e714d-3e3"
Expires: Tue, 09 Jul 2024 22:03:08 GMT
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 5765, 8241
X-Served-By: cache-lga21923-LGA, cache-akl10331-AKL
X-Timer: S1706561422.396176,VS0,VE0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B520 16 KB
6 KB 70ms
69ms Document
text/html 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156204&gdpr=0&gdpr_consent=
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25478
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 29 Jan 2024 20:50:22 GMT
expires: Tue, 30 Jan 2024 03:55:00 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D853 281 B
554 B 204ms
66ms Document
text/html 23.204.65.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-234.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 20:50:22 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 6653 36 KB
12 KB 254ms
111ms Document
text/html 23.204.64.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13

Requested by

Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-64-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

906f18075913738d5463a9d00bade872fd6aa0e7a6994a79b4447b0b14626ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=172800
content-encoding: gzip
content-length: 11880
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 20:50:22 GMT
expires: Wed, 31 Jan 2024 20:50:22 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2

200

pd Show response
u.openx.net/w/1.0/ Frame 29CC
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

199 B
235 B

165ms
164ms

Document
text/html

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Mon, 29 Jan 2024 20:50:22 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 29 Jan 2024 20:50:22 GMT
location: https://u.openx.net/w/1.0/pd?cc=1
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 iframe Show response
sync.teads.tv/ Frame 0689 153 B
305 B 489ms
286ms Document
text/html 23.204.65.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.54 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-54.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 153
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 20:50:22 GMT
expires: Mon, 29 Jan 2024 20:50:22 GMT
pragma: no-cache
server: pekko-http/1.0.0

GET
H/1.1 200
OK sync Show response
x.bidswitch.net/ Frame 8526 43 B
748 B 757ms
215ms Document
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:50:22 GMT
Server: nginx

GET
DATA 200
OK truncated
/ 135 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a914ebd8267f0641e0ebd8333aa52a13ec9635160335147b7d90aed18c6db017

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK pixel
s.pubmine.com/ 43 B
286 B 169ms
169ms Image
image/gif 184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/pixel?id=15&type=img
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18894&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0&gdpr_consent=&us_privacy=
https://s.pubmine.com/match?bidder_id=14&external_user_id=LRZELXRL-1D-3W3N&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0

43 B
1 KB

170ms
170ms

Image
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=14&external_user_id=LRZELXRL-1D-3W3N&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.pubmine.com/match?bidder_id=14&external_user_id=LRZELXRL-1D-3W3N&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
Expires: 0

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D12%26external_user_id%3D%24UID%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26ri...
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D12%26external_user_id%3D%24UID%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408...
https://s.pubmine.com/match?bidder_id=12&external_user_id=603368634042752454944&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=

43 B
853 B

481ms
168ms

Image
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=12&external_user_id=603368634042752454944&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

location: https://s.pubmine.com/match?bidder_id=12&external_user_id=603368634042752454944&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=
date: Mon, 29 Jan 2024 20:50:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D10%26external_user_id%3D%24UID%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.pubmine.com%252Fmatch%253Fbidder_id%253D10%2526external_user_id%253D%2524UID%2526ssp_data%253D4435b34d-7403-44d2-a649-cc1135ee9408%2526...
https://s.pubmine.com/match?bidder_id=10&external_user_id=983861297989771225&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=

43 B
913 B

436ms
170ms

Image
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=10&external_user_id=983861297989771225&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:22 GMT
an-x-request-uuid: 13236ce0-0121-48ac-a8b8-9870ff1fc840
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.pubmine.com/match?bidder_id=10&external_user_id=983861297989771225&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=
x-proxy-origin: 103.75.11.107; 103.75.11.107; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=wordpress&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&user_id=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0&gdpr_consent=
https://s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0&gdpr_consent=

43 B
286 B

427ms
168ms

Image
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0&gdpr_consent=
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Location: //s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&gdpr=0&gdpr_consent=
Date: Mon, 29 Jan 2024 20:50:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D1%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26gdpr%3D0%2...
https://s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&gdpr=0&gdpr_consent=&us_privacy=

43 B
286 B

429ms
169ms

Image
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Location: https://s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&gdpr=0&gdpr_consent=&us_privacy=
Date: Mon, 29 Jan 2024 20:50:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://ssc-cms.33across.com/ps/?ri=0010b00002CphGRAAZ&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26r...
https://s.pubmine.com/match?bidder_id=6&external_user_id=212440406140821&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=

43 B
881 B

455ms
168ms

Image
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=6&external_user_id=212440406140821&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:22 GMT
referrer-policy: unsafe-url
server: 33XP014
x-33x-status: 100000000008200000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://s.pubmine.com/match?bidder_id=6&external_user_id=212440406140821&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
BLOB 200
OK 99395e20-6e92-40cd-931e-fd4bb0ba2048
https://ref-lek-ti-one-rom-val.blog/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ref-lek-ti-one-rom-val.blog/99395e20-6e92-40cd-931e-fd4bb0ba2048
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b32ac08ac704f56f164eca7ed8dbc4ff2c50dff8f9e3527d2c52c93081672b02

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Length: 1572
Content-Type: text/javascript

GET
H2 200 UCookieSetPug Show response
image6.pubmatic.com/AdServer/ Frame B520 60 B
268 B 497ms
157ms Script
text/html 207.65.33.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156204&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 9ee6202a67a5fb72b72d7f98eeec222cccbe7da0cc58ebf3f15326653ea24608

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 20:50:22 GMT
cache-control: private
expires: Sun, 28 Apr 2024 13:14:51 GMT
content-length: 60
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

bounce Show response
secure.adnxs.com/ Frame D492
Redirect Chain

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

0
646 B

155ms
155ms

Script
text/html

103.43.90.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Server

103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:22 GMT
an-x-request-uuid: a61e4782-5076-4fe2-806d-2bb8ab420b81
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 103.75.11.107; 103.75.11.107; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:22 GMT
an-x-request-uuid: 887e66b1-d86d-497d-b4b5-34f199b09629
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
cache-control: no-store, no-cache, private
x-proxy-origin: 103.75.11.107; 103.75.11.107; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jslog
s.pubmine.com/ 43 B
286 B 169ms
168ms Image
image/gif 184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/jslog?n=cmp%20ping%20returned%20error%20with%20data%3A%20%7B%22gdprApplies%22%3Afalse%2C%22cmpLoaded%22%3Afalse%2C%22cmpStatus%22%3A%22stub%22%2C%22displayStatus%22%3A%22disabled%22%2C%22apiVersion%22%3A%222%22%7D&pvid=8488a00b-3bdd-4740-b3be-67d241451657&s=err&v=2.39.01695837358837
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

POST
H/1.1 200
OK adjr Show response
s.pubmine.com/ 123 B
787 B 338ms
171ms XHR
application/json 184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/adjr?pvid=8488a00b-3bdd-4740-b3be-67d241451657&rid=1297532969793
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a7aa369071e3a50369a4511c4258ca53d1f041884bbeab829121914842ff60f2

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:22 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ref-lek-ti-one-rom-val.blog
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D853 39 KB
11 KB 78ms
78ms Script
text/html 23.204.65.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-234.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b88bc818f09d63feaa1a980f7a5c59ef6afab11e7e426623b620fc50f1edf231

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jan 2024 05:22:09 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=30700
Connection: keep-alive
Content-Length: 10901
Expires: Tue, 30 Jan 2024 05:22:02 GMT

GET
H/1.1

200
OK

match
s.pubmine.com/ Frame 8B76
Redirect Chain

https://sync.technoratimedia.com/services?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consen...
https://s.pubmine.com/match?bidder_id=30&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=GDPR

43 B
983 B

336ms
169ms

Image
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=30&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=GDPR
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Mon, 29 Jan 2024 20:50:23 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: text/plain; charset=utf-8
location: https://s.pubmine.com/match?bidder_id=30&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=GDPR
access-control-allow-origin: https://ad-cdn.technoratimedia.com/
x-varnish: 515340771
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK match
s.pubmine.com/ Frame 5A2E 43 B
573 B 254ms
169ms Image
image/gif 184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=21&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D&gdpr=0&gdpr_consent=&s=197465&us_privacy=&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame A28D 470 B
553 B 470ms
153ms Document
text/html 67.199.150.85
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156204&sc=1&u=A67F380D-5739-4F34-9320-78030CEE7CBB&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156204&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.85 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 946fca3834122da27d870ea4baae4040183c10a875cddc4e60c583444f823102

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 20:50:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 0D12 470 B
402 B 470ms
154ms Document
text/html 67.199.150.85
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156204&sc=1&u=A67F380D-5739-4F34-9320-78030CEE7CBB&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156204&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.85 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 946fca3834122da27d870ea4baae4040183c10a875cddc4e60c583444f823102

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 20:50:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame B67D
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=983861297989771225

35 B
250 B

859ms
238ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=983861297989771225
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:23 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:23 GMT
an-x-request-uuid: 40ca8870-94f7-43f8-a2d1-bf8b4b1eec6b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=983861297989771225
x-proxy-origin: 103.75.11.107; 103.75.11.107; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame B67D 43 B
235 B 266ms
214ms Image
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_8e639607-c083-4681-a1c9-14d0375c0f7b&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame B67D
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=14fa5110-6366-4174-8521-e9a57663e903

35 B
250 B

780ms
231ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=14fa5110-6366-4174-8521-e9a57663e903
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 29 Jan 2024 20:50:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=14fa5110-6366-4174-8521-e9a57663e903
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame B67D
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://qvdt3feo.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-3f034712-633b-5c9e-600d-bf13af836540$ip$103.75.11.107

35 B
250 B

234ms
233ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-3f034712-633b-5c9e-600d-bf13af836540$ip$103.75.11.107
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sta&i=0-3f034712-633b-5c9e-600d-bf13af836540$ip$103.75.11.107
date: Mon, 29 Jan 2024 20:50:24 GMT
content-length: 127
content-type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame B67D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-Imm6ag5E2pdeD1RHwBEauOSnGOKgsrBqYonm~A

35 B
250 B

661ms
235ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-Imm6ag5E2pdeD1RHwBEauOSnGOKgsrBqYonm~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 29 Jan 2024 20:50:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-Imm6ag5E2pdeD1RHwBEauOSnGOKgsrBqYonm~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame B67D
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
https://usersync.gumgum.com/usersync?b=vnt&i=013492e7-3182-4594-a1b9-0e05c56efc3f

35 B
250 B

315ms
238ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=013492e7-3182-4594-a1b9-0e05c56efc3f
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=013492e7-3182-4594-a1b9-0e05c56efc3f
Date: Mon, 29 Jan 2024 20:50:23 GMT
Connection: keep-alive
X-CI-RTID: 74994b3a-a9ba-4ccc-b801-379fc78ffaa2
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 200 142
match.deepintent.com/usersync/ Frame B67D 0
44 B 803ms
230ms Image
text/plain 8.18.47.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:50:23 GMT
content-length: 0
server: b

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame B67D
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=a_8e639607-c083-4681-a1c9-14d0375c0f7b&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=a_8e639607-c083-4681-a1c9-14d0375c0f7b&s=2&us_privacy=
https://usersync.gumgum.com/usersync?b=zem&i=C8qDO33Mo-ZerRQuGhw0&gdpr=0

35 B
250 B

235ms
235ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=C8qDO33Mo-ZerRQuGhw0&gdpr=0
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&i=C8qDO33Mo-ZerRQuGhw0&gdpr=0
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 103
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

400

usersync
usersync.gumgum.com/ Frame B67D
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=ZnbPqM40z0xa&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

0
0

233ms
232ms

Image
text/html

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=ZnbPqM40z0xa&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-NZ
location: https://usersync.gumgum.com/usersync?b=pln&i=ZnbPqM40z0xa&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-75cb9dc7bc-br5lb
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame B67D
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=2159908696878776871

35 B
250 B

718ms
235ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=2159908696878776871
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=2159908696878776871
date: Mon, 29 Jan 2024 20:50:23 GMT
content-length: 0

GET
H/1.1 200
OK match
s.pubmine.com/ Frame B67D 43 B
965 B 469ms
168ms Image
image/gif 184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=25&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=a_8e639607-c083-4681-a1c9-14d0375c0f7b
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame B6F9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=

35 B
499 B

190ms
190ms

Document
image/gif

185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Mon, 29 Jan 2024 20:50:23 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Mon, 29 Jan 2024 20:50:23 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

pixel Show response
cm.g.doubleclick.net/ Frame 5F56
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84ZTYzOTYwNy1jMDgzLTQ2ODEtYTFjOS0xNGQwMzc1YzBmN2I=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84ZTYzOTYwNy1jMDgzLTQ2ODEtYTFjOS0xNGQwMzc1YzBmN2I=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...

170 B
243 B

169ms
169ms

Document
image/png

172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84ZTYzOTYwNy1jMDgzLTQ2ODEtYTFjOS0xNGQwMzc1YzBmN2I=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 20:50:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 436
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 20:50:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84ZTYzOTYwNy1jMDgzLTQ2ODEtYTFjOS0xNGQwMzc1YzBmN2I=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 42CE 16 KB
6 KB 69ms
69ms Document
text/html 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25477
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 29 Jan 2024 20:50:23 GMT
expires: Tue, 30 Jan 2024 03:55:00 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 438C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=ttd&i=84aafd0b-0af4-4d9d-8b79-676c6031532d

35 B
250 B

605ms
234ms

Document
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=ttd&i=84aafd0b-0af4-4d9d-8b79-676c6031532d
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:50:23 GMT
Expires: 0
Pragma: no-cache

Redirect headers

content-length: 193
date: Mon, 29 Jan 2024 20:50:23 GMT
location: https://usersync.gumgum.com/usersync?b=ttd&i=84aafd0b-0af4-4d9d-8b79-676c6031532d
server: Kestrel

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 5F6C
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZbgPj8Co5ugAAGUQoXAAAAAA

35 B
250 B

296ms
234ms

Document
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZbgPj8Co5ugAAGUQoXAAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:50:23 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Mon, 29 Jan 2024 20:50:23 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZbgPj8Co5ugAAGUQoXAAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 0
X-SO-HostName: a-ad40036.dc2p.scaleout.jp
X-SO-IP: 103.75.11.107
X-SO-Key: ZbgPj8Co5ugAAGUQoXAAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"103.75.11.107","key":"ZbgPj8Co5ugAAGUQoXAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40036"}
X-SO-LB-Hostname: a-tgng40017.dc2p.scaleout.jp
X-SO-Upstream-ID: a-ad40036

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 3364
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=s2EP478xQhhTsFMTfaJP4Q605rU-9RipGOe9CawUtbA&pi=gumgum&tc=1

35 B
250 B

235ms
235ms

Document
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=s2EP478xQhhTsFMTfaJP4Q605rU-9RipGOe9CawUtbA&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:50:24 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Mon, 29 Jan 2024 20:50:24 GMT Mon, 29 Jan 2024 20:50:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=s2EP478xQhhTsFMTfaJP4Q605rU-9RipGOe9CawUtbA&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 45ED
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

68ms
68ms

Document
text/html

23.204.65.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-234.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 20:50:23 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 29 Jan 2024 20:50:23 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 81FB 43 B
235 B 231ms
213ms Image
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
Requested by: Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame 81FB
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us.gif?nw=td&nuid=84aafd0b-0af4-4d9d-8b79-676c6031532d&pubid=

49 B
881 B

186ms
186ms

Image
image/gif

72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=td&nuid=84aafd0b-0af4-4d9d-8b79-676c6031532d&pubid=

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

HTTP/1.1

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:23 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-33
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us.gif?nw=td&nuid=84aafd0b-0af4-4d9d-8b79-676c6031532d&pubid=
date: Mon, 29 Jan 2024 20:50:23 GMT
server: Kestrel
content-length: 207

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame 81FB
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=4545175990075894257

49 B
864 B

186ms
186ms

Image
image/gif

72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=4545175990075894257

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

HTTP/1.1

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:23 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-38
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=4545175990075894257
Date: Mon, 29 Jan 2024 20:50:23 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame 81FB
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=286
https://qvdt3feo.com/sync?nid=286
https://sync.go.sonobi.com/us.gif?nw=st&nuid=PwNHEmM7XJ5gDb8Tr4NlQGdLC2s

49 B
872 B

186ms
186ms

Image
image/gif

72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=st&nuid=PwNHEmM7XJ5gDb8Tr4NlQGdLC2s

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

HTTP/1.1

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:24 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-28
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us.gif?nw=st&nuid=PwNHEmM7XJ5gDb8Tr4NlQGdLC2s
date: Mon, 29 Jan 2024 20:50:24 GMT
content-length: 99
content-type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 81FB
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=5d7bb849-d82a-4a41-a827-2b0111b53556&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=eVlLT2lxUm1iMHZRR29mRm5BamkyZw&gdpr=&gdpr_consent=

170 B
188 B

164ms
164ms

Image
image/png

172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=eVlLT2lxUm1iMHZRR29mRm5BamkyZw&gdpr=&gdpr_consent=

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-NZ
location: https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=eVlLT2lxUm1iMHZRR29mRm5BamkyZw&gdpr=&gdpr_consent=
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-75cb9dc7bc-dtr4f
expires: -1

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame 81FB
Redirect Chain

https://creativecdn.com/cm-notify?pi=sonobi
https://creativecdn.com/cm-notify?pi=sonobi&tc=1
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=s2EP478xQhhTsFMTfaJP4Q605rU-9RipGOe9CawUtbA&pi=sonobi&tc=1

49 B
888 B

186ms
186ms

Image
image/gif

72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=rh&nuid=s2EP478xQhhTsFMTfaJP4Q605rU-9RipGOe9CawUtbA&pi=sonobi&tc=1

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

HTTP/1.1

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:24 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-22
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us.gif?nw=rh&nuid=s2EP478xQhhTsFMTfaJP4Q605rU-9RipGOe9CawUtbA&pi=sonobi&tc=1
pragma: no-cache
date: Mon, 29 Jan 2024 20:50:24 GMT, Mon, 29 Jan 2024 20:50:24 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame 81FB
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub9935550313792
https://sync.go.sonobi.com/us.gif?nuid=OPUd03a567f3c0142a6bf47f959f0620909&nw=oa

49 B
880 B

186ms
186ms

Image
image/gif

72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nuid=OPUd03a567f3c0142a6bf47f959f0620909&nw=oa

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

HTTP/1.1

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:24 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-95
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:23 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://sync.go.sonobi.com/us.gif?nuid=OPUd03a567f3c0142a6bf47f959f0620909&nw=oa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 107
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 81FB
Redirect Chain

https://dpm.demdex.net/ibs:dpid=87880&dpuuid=5d7bb849-d82a-4a41-a827-2b0111b53556
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=5d7bb849-d82a-4a41-a827-2b0111b53556

42 B
716 B

233ms
232ms

Image
image/gif

54.145.188.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=5d7bb849-d82a-4a41-a827-2b0111b53556

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

Server

54.145.188.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-188-191.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

dcs: dcs-prod-va6-2-v053-01d8071db.edge-va6.demdex.com 4 ms
pragma: no-cache
date: Mon, 29 Jan 2024 20:50:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: d2o7EPeQSZM=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v053-0daa6e31c.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Mon, 29 Jan 2024 20:50:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: PcWYB5wzR6c=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=5d7bb849-d82a-4a41-a827-2b0111b53556
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame 81FB
Redirect Chain

https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=4618620154437102574

49 B
864 B

189ms
188ms

Image
image/gif

72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=4618620154437102574

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

HTTP/1.1

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:23 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-22
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:23 GMT
an-x-request-uuid: 4ce2b902-6acf-4b05-8c1d-11f72672e820
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=4618620154437102574
x-proxy-origin: 103.75.11.107; 103.75.11.107; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usg.gif
sync.go.sonobi.com/ Frame 81FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NWQ3YmI4NDktZDgyYS00YTQxLWE4MjctMmIwMTExYjUzNTU2
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm=&google_hm=NWQ3YmI4NDktZDgyYS00YTQxLWE4MjctMmIwMTExYjUzNTU2&google_tc=
https://sync.go.sonobi.com/usg.gif?google_error=3

49 B
446 B

186ms
186ms

Image
image/gif

72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usg.gif?google_error=3

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

HTTP/1.1

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:23 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-27
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.go.sonobi.com/usg.gif?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame D853 7 B
778 B 640ms
159ms XHR
application/json 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: d335433bbbe0efeac67146df47932f6f
Expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 45ED 39 KB
11 KB 76ms
76ms Script
text/html 23.204.65.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-234.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b88bc818f09d63feaa1a980f7a5c59ef6afab11e7e426623b620fc50f1edf231

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jan 2024 05:22:09 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=30699
Connection: keep-alive
Content-Length: 10901
Expires: Tue, 30 Jan 2024 05:22:02 GMT

GET
H2 200 cl_partner.html Show response
ads.pubmatic.com/AdServer/js/ Frame 963B 1 KB
1 KB 70ms
70ms Document
text/html 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DA67F380D-5739-4F34-9320-78030CEE7CBB%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
Requested by: Host: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156204&sc=1&u=A67F380D-5739-4F34-9320-78030CEE7CBB&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4454d9d3961cb38ef425de34b4e6173fe6d284f8625c74c6d125aec648a25d08

Request headers

Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=80369
content-encoding: gzip
content-length: 878
content-type: text/html
date: Mon, 29 Jan 2024 20:50:23 GMT
expires: Tue, 30 Jan 2024 19:09:52 GMT
last-modified: Wed, 08 Feb 2023 05:37:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 cl_partner.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4840 1 KB
1 KB 70ms
70ms Document
text/html 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DA67F380D-5739-4F34-9320-78030CEE7CBB%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
Requested by: Host: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156204&sc=1&u=A67F380D-5739-4F34-9320-78030CEE7CBB&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4454d9d3961cb38ef425de34b4e6173fe6d284f8625c74c6d125aec648a25d08

Request headers

Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=80369
content-encoding: gzip
content-length: 878
content-type: text/html
date: Mon, 29 Jan 2024 20:50:23 GMT
expires: Tue, 30 Jan 2024 19:09:52 GMT
last-modified: Wed, 08 Feb 2023 05:37:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame B9C0
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

281 B
554 B

76ms
75ms

Document
text/html

23.204.65.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-234.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 20:50:23 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 29 Jan 2024 20:50:23 GMT
location: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server: AkamaiGHost

GET
H3

200

cm Show response
us-u.openx.net/w/1.0/ Frame A34A
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561423498.6&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_priva...

373 B
282 B

166ms
166ms

Document
text/html

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 57782ba861b1a75737715f4186c774e1a5dac2ab514d63c51c74a72c5a613b9d

Request headers

Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 266
content-type: text/html
date: Mon, 29 Jan 2024 20:50:24 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 29 Jan 2024 20:50:23 GMT
location: https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1

200
OK

match
s.pubmine.com/ Frame E8D0
Redirect Chain

https://ssc-cms.33across.com/ps/?_=1706561423498.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-...
https://s.pubmine.com/match?bidder_id=24&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=212441188476780

43 B
1005 B

170ms
169ms

Image
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=24&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=212441188476780
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol: HTTP/1.1
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:22 GMT
referrer-policy: unsafe-url
server: 33XP019
x-33x-status: 100000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://s.pubmine.com/match?bidder_id=24&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=212441188476780
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame E8D0
Redirect Chain

https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bf5f6494-5e64-4d36-97ff-caa5a872fb1d&ssp=the33across&gdpr=&gdpr_consent=

42 B
204 B

356ms
205ms

Image
image/gif

34.111.79.67
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bf5f6494-5e64-4d36-97ff-caa5a872fb1d&ssp=the33across&gdpr=&gdpr_consent=
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol: H2
Server: 34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 67.79.111.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:50:24 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bf5f6494-5e64-4d36-97ff-caa5a872fb1d&ssp=the33across&gdpr=&gdpr_consent=
Date: Mon, 29 Jan 2024 20:50:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
events-ssc.33across.com/ Frame E8D0
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561423498.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=557365b8-0f90-4600-b06e-cd18794bd505

68 B
117 B

209ms
208ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=557365b8-0f90-4600-b06e-cd18794bd505
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:50:24 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

Date: Mon, 29 Jan 2024 20:50:24 GMT
Server: MT3 1451 1934b03 master ord ord-pixel-x12 config_version:"539"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=557365b8-0f90-4600-b06e-cd18794bd505
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 29 Jan 2024 20:50:23 GMT

GET
H2

204

pixelSync
pixel-sync.sitescout.com/dmp/ Frame E8D0
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D

0
187 B

304ms
304ms

Image
text/plain

98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol: H2
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 29 Jan 2024 20:50:24 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
date: Mon, 29 Jan 2024 20:50:23 GMT
server: A
content-length: 0

GET
H2

200

match
events-ssc.33across.com/ Frame E8D0
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561423498.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4618620154437102574

68 B
216 B

357ms
209ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4618620154437102574
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:50:24 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:23 GMT
an-x-request-uuid: d16e823b-83af-449f-8ded-7c81b581774b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4618620154437102574
x-proxy-origin: 103.75.11.107; 103.75.11.107; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B9C0 39 KB
11 KB 76ms
76ms Script
text/html 23.204.65.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-234.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b88bc818f09d63feaa1a980f7a5c59ef6afab11e7e426623b620fc50f1edf231

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jan 2024 05:22:09 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=30699
Connection: keep-alive
Content-Length: 10901
Expires: Tue, 30 Jan 2024 05:22:02 GMT

GET
H/1.1

200
OK

match
s.pubmine.com/ Frame 0D81
Redirect Chain

https://ssc-cms.33across.com/ps/?_=1706561423724.&ri=0010b00002CphGRAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSER...
https://s.pubmine.com/match?bidder_id=6&external_user_id=212441188476780&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&gdpr=0&gdpr_consent=&us_privacy=

43 B
1005 B

170ms
170ms

Image
image/gif

184.169.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=6&external_user_id=212441188476780&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D&b=1
Protocol: HTTP/1.1
Server: 184.169.159.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-159-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D&b=1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:22 GMT
referrer-policy: unsafe-url
server: 33XP015
x-33x-status: 100000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://s.pubmine.com/match?bidder_id=6&external_user_id=212441188476780&ssp_data=4435b34d-7403-44d2-a649-cc1135ee9408&rid=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 0D81
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=FtT2L2W4D48tP33rW0QwCw%3D%3D&us_privacy=&random=1706561423724.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=FtT2L2W4D48tP33rW0QwCw%3D%3D&us_privacy=&random=1706561423724.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
https://dpm.demdex.net/ibs:dpid=540&dpuuid=285b4cda-b805-4183-a162-ce66ebe721f5&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=10958277533995031381769522495878219098&pt=285b4cda-b805-4183-a162-ce66ebe721f5%2C%2C

95 B
124 B

205ms
205ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=10958277533995031381769522495878219098&pt=285b4cda-b805-4183-a162-ce66ebe721f5%2C%2C

Requested by

Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D&b=1

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D&b=1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:50:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

dcs: dcs-prod-va6-1-v053-0f5c2c728.edge-va6.demdex.com 6 ms
pragma: no-cache
date: Mon, 29 Jan 2024 20:50:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: CLtG8GdHTLw=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=10958277533995031381769522495878219098&pt=285b4cda-b805-4183-a162-ce66ebe721f5%2C%2C
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

mapuid
secure.adnxs.com/ Frame 0D81
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=FtT2L2W4D48tP33rW0QwCw%3D%3D&us_privacy=&random=1706561423724.3&pu=https%3A%2F%2Fref-lek-ti-one-rom-val.blog%2F
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212441188476780&seg_code=33x&random=1706561424

43 B
788 B

155ms
154ms

Image
image/gif

103.43.90.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/mapuid?t=2&member=1001&user=212441188476780&seg_code=33x&random=1706561424

Requested by

Protocol

Server

103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D&b=1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:24 GMT
an-x-request-uuid: 87c9d816-1eb7-40a5-a67f-3c1038b51348
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 103.75.11.107; 103.75.11.107; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:24 GMT
referrer-policy: unsafe-url
server: 33XP016
x-33x-status: 402044000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://secure.adnxs.com/mapuid?t=2&member=1001&user=212441188476780&seg_code=33x&random=1706561424
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D853
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/6mPaZd8b7NWef6KUzyiU2Mn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-AhSWFGpE2oLndBqQRTUsMtrwgeFEy2tuTrKqOQ--~A

42 B
872 B

381ms
158ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-AhSWFGpE2oLndBqQRTUsMtrwgeFEy2tuTrKqOQ--~A
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 29 Jan 2024 20:50:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-AhSWFGpE2oLndBqQRTUsMtrwgeFEy2tuTrKqOQ--~A
content-length: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame D853 170 B
188 B 168ms
165ms Image
image/png 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame D853
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=g7-8lNTrSOa4ib_7C3X8wQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=g7-8lNTrSOa4ib_7C3X8wQ

43 B
479 B

317ms
317ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=g7-8lNTrSOa4ib_7C3X8wQ

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CP1K6N82AY36AVH0GMR6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=g7-8lNTrSOa4ib_7C3X8wQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame D853
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRZELXZX-1T-FYJI

0
538 B

453ms
368ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRZELXZX-1T-FYJI
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:50:24 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3BE676185D4D408B916D919EF89DA01E Ref B: AKL30EDGE0218 Ref C: 2024-01-29T20:50:24Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-source-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQG8uAGmY87WY+cTHEYA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRZELXZX-1T-FYJI
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dedf7fc216a5bbc739a54325e875a79f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D853
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODJlYjE5YjhlNTRjMjM1ZGVkYjI3YTZhMWM0OTAwOTUyMWVhOTAwOA

170 B
188 B

165ms
165ms

Image
image/png

172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODJlYjE5YjhlNTRjMjM1ZGVkYjI3YTZhMWM0OTAwOTUyMWVhOTAwOA

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODJlYjE5YjhlNTRjMjM1ZGVkYjI3YTZhMWM0OTAwOTUyMWVhOTAwOA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 7d5ff5cea86970f029093dfe0a29d015
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D853
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJaRUxYWlgtMVQtRllKSQ==

170 B
188 B

165ms
165ms

Image
image/png

172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJaRUxYWlgtMVQtRllKSQ==

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJaRUxYWlgtMVQtRllKSQ==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d264e84c9dc1a645a3048554992c5d82
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D853
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=84aafd0b-0af4-4d9d-8b79-676c6031532d&gdpr=0&gdpr_consent=&expires=30

42 B
872 B

251ms
159ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=84aafd0b-0af4-4d9d-8b79-676c6031532d&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 7d5ff5cea86970f029093dfe0a29d015
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=84aafd0b-0af4-4d9d-8b79-676c6031532d&gdpr=0&gdpr_consent=&expires=30
date: Mon, 29 Jan 2024 20:50:23 GMT
server: Kestrel
content-length: 289

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame D853
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=LRZELXZX-1T-FYJI&ex=d-rubiconproject.com&status=ok

43 B
479 B

689ms
233ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LRZELXZX-1T-FYJI&ex=d-rubiconproject.com&status=ok

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZYNF51TK9NES2C1HAEFC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LRZELXZX-1T-FYJI&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 7d5ff5cea86970f029093dfe0a29d015
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame D853
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=g2z-BDA-RcWd1QEZk2_fUw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=g2z-BDA-RcWd1QEZk2_fUw

43 B
479 B

235ms
235ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=g2z-BDA-RcWd1QEZk2_fUw

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RS88NKWJD367ADCCYDR0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=g2z-BDA-RcWd1QEZk2_fUw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 808ed95536e7f55d8adbcb9fc76d309d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D853
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACjsk7LcB8AABQ90hT_OQ&expires=30

42 B
872 B

159ms
159ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACjsk7LcB8AABQ90hT_OQ&expires=30
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4290507b7388fb86809e552482e2fff0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACjsk7LcB8AABQ90hT_OQ&expires=30
Date: Mon, 29 Jan 2024 20:50:24 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame D853
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRZELXZX-1T-FYJI

95 B
124 B

204ms
204ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRZELXZX-1T-FYJI

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:50:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

Location: https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRZELXZX-1T-FYJI
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D853
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6adbf343-fb6d-4f1f-a3f2-a1c749cd108d&expires=30

42 B
872 B

226ms
158ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6adbf343-fb6d-4f1f-a3f2-a1c749cd108d&expires=30
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6adbf343-fb6d-4f1f-a3f2-a1c749cd108d&expires=30
Date: Mon, 29 Jan 2024 20:50:24 GMT
Connection: keep-alive
X-CI-RTID: a8f4ea41-8a34-4aa2-8fec-b4c2a411db4b
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H2

200

v1
match.sharethrough.com/sync/ Frame D853
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRZELXZX-1T-FYJI

68 B
280 B

493ms
161ms

Image
image/png

52.76.134.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRZELXZX-1T-FYJI
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Server: 52.76.134.18 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-134-18.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:50:25 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRZELXZX-1T-FYJI
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dedf7fc216a5bbc739a54325e875a79f
Expires: 0

GET
H2

200

pixel
capi.connatix.com/us/ Frame D853
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564
https://capi.connatix.com/us/pixel?puid=LRZELXZX-1T-FYJI&pId=11&gdpr=&gdpr_consent=&us_privacy=
https://capi.connatix.com/us/pixel?puid=LRZELXZX-1T-FYJI&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

82 B
82 B

207ms
207ms

Image
image/gif

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LRZELXZX-1T-FYJI&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:50:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84d458eabb381c51-AKL
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 29 Jan 2024 20:50:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LRZELXZX-1T-FYJI&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84d458e958891c51-AKL
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame D853
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRZELXZX-1T-FYJI

43 B
1 KB

165ms
164ms

Image
image/gif

103.43.90.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRZELXZX-1T-FYJI

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Server

103.43.90.53 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:24 GMT
an-x-request-uuid: 4d5df73f-5e01-4012-a44a-d8a0a26afc63
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 103.75.11.107; 103.75.11.107; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRZELXZX-1T-FYJI
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 7d5ff5cea86970f029093dfe0a29d015
Expires: 0

GET
H2

200

cksync
hb.yahoo.net/ Frame D853
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRZELXZX-1T-FYJI&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRZELXZX-1T-FYJI&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1GOV9XMnM1RTJ1R0c5d0NZQldIa1hvQlJJQl9BeS5nTn5B&ovsid=LRZELXZX-1T-FYJI&dpid=58160

58 B
614 B

334ms
95ms

Image
image/gif

23.1.240.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1GOV9XMnM1RTJ1R0c5d0NZQldIa1hvQlJJQl9BeS5nTn5B&ovsid=LRZELXZX-1T-FYJI&dpid=58160

Protocol

Server

23.1.240.138 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-1-240-138.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

55967e8b48ca861fd270485e79457039512b1a4dbdb3a572741c0aa737bca814

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 29 Jan 2024 20:50:25 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 58
x-mnet-hl2: E
expires: Mon, 29 Jan 2024 20:50:25 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1GOV9XMnM1RTJ1R0c5d0NZQldIa1hvQlJJQl9BeS5nTn5B&ovsid=LRZELXZX-1T-FYJI&dpid=58160
date: Mon, 29 Jan 2024 20:50:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 45ED 7 B
778 B 288ms
160ms XHR
application/json 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LRZELXZX-1T-FYJI
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: c80248407eff6cf595ce43a76c04e23f
Expires: 0

GET
H2 200 match
events-ssc.33across.com/ Frame A34A 68 B
117 B 208ms
208ms Image
image/png 34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=393d3822-bded-4a05-8557-45f9d9075d8b
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:50:24 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 45ED
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LRZELXZX-1T-FYJI
https://usersync.gumgum.com/usersync?b=mag&i=LRZELXZX-1T-FYJI

35 B
250 B

236ms
235ms

Image
image/gif

54.238.120.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=mag&i=LRZELXZX-1T-FYJI
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3D4435b34d-7403-44d2-a649-cc1135ee9408%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:50:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://usersync.gumgum.com/usersync?b=mag&i=LRZELXZX-1T-FYJI
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e2b6b837307e4a2cb84d126fbaf2cea2
Expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame B9C0 7 B
778 B 172ms
158ms XHR
application/json 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LRZELXZX-1T-FYJI
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
Expires: 0

GET
H3

200

match
events-ssc.33across.com/ Frame B9C0
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LRZELXZX-1T-FYJI
https://ssc-cms.33across.com/ps/?xi=1&xu=LRZELXZX-1T-FYJI
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRZELXZX-1T-FYJI&ts=1706561425&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
82 B

208ms
208ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRZELXZX-1T-FYJI&ts=1706561425&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H3
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:50:25 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:25 GMT
referrer-policy: unsafe-url
server: 33XP004
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRZELXZX-1T-FYJI&ts=1706561425&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1 200
OK 725X1342.skimlinks.js Show response
s.skimresources.com/js/ 49 KB
19 KB 220ms
72ms Script
application/octet-stream 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/725X1342.skimlinks.js
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 2d13d054dec619ab84fd414a83959ab61fb660553b23ba9aaf43f7c4940e5b96

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:50:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jun 2023 14:20:51 GMT
Server: AmazonS3
x-amz-request-id: WEPQ0CW4GVQZYM7K
ETag: "097f613b5f29b5c85630927229ac793b"
X-HW: 1706561425.cds201.sy2.hn,1706561425.cds209.sy2.c
Content-Type: application/octet-stream
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18888
x-amz-id-2: CR2TWNHFm7QMW3Nxh/4zmVnzzWJjgFici2295fmzm7bT53Ijcak1qCzxSncs59TQoDP13saUIQo=

GET
H3 200 actionbar.css
s0.wp.com/wp-content/mu-plugins/actionbar/ 15 KB
4 KB 69ms
69ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.css?v=20240115
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: c1e62caa83381d8a3c58be2a17f28bff4176e8ddcd882bb923f3152852c06df9

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-minify-cache: hit
date: Mon, 29 Jan 2024 20:50:25 GMT
content-encoding: br
x-ac: 2.syd _bur MISS
x-minify: t
alt-svc: h3=":443"; ma=86400
x-nc: HIT syd 2
server: nginx
etag: W/18324-1705283922309.2102
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 14 Jan 2025 01:58:55 GMT

GET
H3 200 actionbar.js Show response
s0.wp.com/wp-content/mu-plugins/actionbar/ 8 KB
3 KB 69ms
69ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.js?v=20231122
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: a6dc271cbdaa05e97c5144483628df9e30b68326e5b04a5fef3322af1c0f22e0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-minify-cache: hit
date: Mon, 29 Jan 2024 20:50:25 GMT
content-encoding: br
x-ac: 2.syd _bur MISS
x-minify: t
alt-svc: h3=":443"; ma=86400
x-nc: HIT syd 2
server: nginx
etag: W/15307-1700657605824.8071
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 21 Nov 2024 12:53:36 GMT

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame C87F 0
123 B 310ms
164ms Image
text/plain 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5644972220771327
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:50:25 GMT
via: 1.1 google
cache-control: private, no-store
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain

POST
H2 200 / Show response
r.skimresources.com/api/ 150 B
374 B 314ms
167ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/725X1342.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

221d05ad70ffcff2baa6543953b57372b7096ab0b403f9106c8750996ec7b9ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 29 Jan 2024 20:50:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ref-lek-ti-one-rom-val.blog
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 / Show response
r.skimresources.com/api/ 150 B
188 B 166ms
166ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/725X1342.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

221d05ad70ffcff2baa6543953b57372b7096ab0b403f9106c8750996ec7b9ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 29 Jan 2024 20:50:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ref-lek-ti-one-rom-val.blog
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
359 B 173ms
173ms XHR
application/javascript 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/725X1342.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.11 aiohttp/3.8.6 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:50:25 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.11 aiohttp/3.8.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://ref-lek-ti-one-rom-val.blog
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

85 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ref-lek-ti-one-rom-val.blog/	1970-01-21 03:38:41	Name: __utma Value: 1.1332862310.1706561421.1706561421.1706561421.1
ref-lek-ti-one-rom-val.blog/	1969-12-31 23:59:59	Name: __utmc Value: 1
ref-lek-ti-one-rom-val.blog/	1970-01-20 22:25:29	Name: __utmz Value: 1.1706561421.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
ref-lek-ti-one-rom-val.blog/	1970-01-20 18:02:42	Name: __utmt Value: 1
ref-lek-ti-one-rom-val.blog/	1970-01-20 18:02:43	Name: __utmb Value: 1.1.10.1706561421
.ref-lek-ti-one-rom-val.blog/	1970-01-20 18:04:07	Name: ccpa_applies Value: false
.ref-lek-ti-one-rom-val.blog/	1970-01-20 18:04:07	Name: usprivacy Value: 1---
ref-lek-ti-one-rom-val.blog/	1970-01-21 03:38:41	Name: __ATA_tuuid Value: 4435b34d-7403-44d2-a649-cc1135ee9408
.technoratimedia.com/	1970-01-20 18:02:45	Name: tads_ipv6 Value: 2404:f780:5:def::c2e
.casalemedia.com/	1970-01-21 02:48:17	Name: CMID Value: ZbgPjgpYEZM.KiyI4welaAAA
.casalemedia.com/	1970-01-20 20:12:17	Name: CMPS Value: 4745
.casalemedia.com/	1970-01-20 20:12:17	Name: CMPRO Value: 4745
.3lift.com/	1970-01-20 20:12:17	Name: tluid Value: 603368634042752454944
.yahoo.com/	1970-01-21 02:48:39	Name: A3 Value: d=AQABBI4PuGUCEEjxU7Se8m_C72rofAdHx9gFEgEBAQFhuWXBZQ0CxyMA_eMAAA&S=AQAAArPh-YFunzMDBSqrh4pk69Q
.smaato.net/	1970-01-20 18:32:55	Name: SCM Value: e0208b8364
.smaato.net/	1970-01-20 18:32:55	Name: SCMp Value: e0208b8364
.omnitagjs.com/	1970-01-20 18:45:53	Name: ayl_visitor Value: 53ae31b4630b4509b188d93fcbe10a57
.33across.com/	1970-01-21 02:48:17	Name: 33x_ps Value: u%3D212441188476780%3As1%3D1706561422830%3Ats%3D1706561422830
.gumgum.com/	1970-01-21 02:48:17	Name: vst Value: a_8e639607-c083-4681-a1c9-14d0375c0f7b
.go.sonobi.com/	1970-01-20 18:02:48	Name: __uqc Value: 1
.go.sonobi.com/	1970-01-20 18:45:53	Name: __uis Value: 4d30d4a0-0316-4953-b820-f61396106e9a
.bidswitch.net/	1970-01-21 02:48:17	Name: c Value: 1706561422
.bidswitch.net/	1970-01-21 02:48:17	Name: tuuid_lu Value: 1706561422
.bidswitch.net/	1970-01-21 02:48:17	Name: tuuid Value: bf5f6494-5e64-4d36-97ff-caa5a872fb1d
.bidswitch.net/	1970-01-20 18:02:41	Name: ssp_data Value: 4435b34d-7403-44d2-a649-cc1135ee9408
.adnxs.com/	1970-01-20 20:12:17	Name: uuid2 Value: 4618620154437102574
.adsrvr.org/	1970-01-21 02:49:43	Name: TDID Value: 84aafd0b-0af4-4d9d-8b79-676c6031532d
.technoratimedia.com/	1970-01-21 03:38:41	Name: tads_uid Value: GDPR
.go.sonobi.com/	1970-01-20 18:49:29	Name: __uir_an Value: 146143228717380734
.go.sonobi.com/	1970-01-21 02:48:17	Name: __uin_an Value: 4618620154437102574
.doubleclick.net/	1970-01-20 18:02:42	Name: test_cookie Value: CheckForPermission
.id5-sync.com/	1970-01-20 20:12:17	Name: id5 Value: 80799d1a-8dd6-7fac-ac7a-c3270411bd34#1706561422225#3
.id5-sync.com/	1970-01-20 20:12:17	Name: 3pi Value:
.go.sonobi.com/	1970-01-20 20:12:17	Name: __uir_td Value: 146143233012348031
.go.sonobi.com/	1970-01-21 02:48:17	Name: __uin_td Value: 84aafd0b-0af4-4d9d-8b79-676c6031532d
.rubiconproject.com/	1970-01-20 20:12:17	Name: receive-cookie-deprecation Value: 1
.smartadserver.com/	1970-01-21 03:32:55	Name: pid Value: 2159908696878776871
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjE1MTU0N7W0NDAwN7WwNDEyNRfiM9Q1yEw1SDRNsswuc_QHAJf835YlAAAA
.rfihub.com/	1970-01-21 03:24:17	Name: rud Value: H4sIAAAAAAAA_-MSNjE1MTU0N7W0NDAwN7WwNDEyNRfiM9Q1yEw1SDRNsswuc_QHAJf835YlAAAA
.rfihub.com/	1970-01-21 03:24:17	Name: eud Value: H4sIAAAAAAAA_1slymtobmBmamZoYmRsamAMACCcvqkQAAAA
.tynt.com/	1970-01-21 02:48:17	Name: uid Value: FtT2L2W4D48tP33rW0QwCw==
.socdm.com/	1970-01-21 03:38:41	Name: SOC Value: ZbgPj8Co5ugAAGUQoXAAAAAA
.demdex.net/	1970-01-20 22:21:53	Name: demdex Value: 10958277533995031381769522495878219098
.go.sonobi.com/	1970-01-20 18:49:29	Name: __uir_zt Value: 146143228717380734
.go.sonobi.com/	1970-01-21 02:48:17	Name: __uin_zt Value: 4545175990075894257
.rubiconproject.com/	1970-01-21 02:48:17	Name: khaos Value: LRZELXZX-1T-FYJI
.tynt.com/	1970-01-20 20:12:17	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1706561423724%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1706561423498%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1706561423498%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1706561423724%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1706561423498%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1706561423498%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1706561423498%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1706561423498%7D%5D
.creativecdn.com/	1970-01-21 02:48:17	Name: ts Value: 1706561423
.creativecdn.com/	1970-01-21 02:48:17	Name: g Value: ylKAJRYlxA6z9JbHvJyc_1706561423791
.adsrvr.org/	1970-01-21 02:49:43	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCJiN2qm-xdA8EAUYASACKAIyCwiE45zS1MXQPBAFOAFaBzhoOXUxMWhgAg..
.dpm.demdex.net/	1970-01-20 22:21:53	Name: dpm Value: 10958277533995031381769522495878219098
.contextweb.com/	1970-01-21 02:41:05	Name: V Value: ZnbPqM40z0xa
.contextweb.com/	1970-01-21 02:48:17	Name: pb_rtb_ev Value: 3-1pef\|7bq.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 77b609ec6b86a685
.adx.opera.com/	1970-01-21 02:48:17	Name: UID Value: OPUd03a567f3c0142a6bf47f959f0620909
.ipredictive.com/	1970-01-21 02:48:17	Name: cu Value: 6adbf343-fb6d-4f1f-a3f2-a1c749cd108d\|1706561424029
.tapad.com/	1970-01-20 19:29:05	Name: TapAd_TS Value: 1706561424094
.tapad.com/	1970-01-20 19:29:05	Name: TapAd_DID Value: 285b4cda-b805-4183-a162-ce66ebe721f5
.go.sonobi.com/	1970-01-20 18:49:29	Name: __uir_oa Value: 146143233012348031
.go.sonobi.com/	1970-01-21 02:48:17	Name: __uin_oa Value: OPUd03a567f3c0142a6bf47f959f0620909
.go.sonobi.com/	1970-01-20 18:49:29	Name: __uir_rh Value: 146143237307315328
.go.sonobi.com/	1970-01-21 02:48:17	Name: __uin_rh Value: s2EP478xQhhTsFMTfaJP4Q605rU-9RipGOe9CawUtbA
.zemanta.com/	1970-01-21 02:48:17	Name: zuid Value: C8qDO33Mo-ZerRQuGhw0
qvdt3feo.com/	1970-01-21 02:48:17	Name: sa-user-id Value: s%3A0-3f034712-633b-5c9e-600d-bf13af836540.tfNysuxc3auERrxEaQe6H%2FrMfEEIniZhNOG5OoOjKKE
.qvdt3feo.com/	1970-01-21 02:48:17	Name: sa-user-id Value: s%3A0-3f034712-633b-5c9e-600d-bf13af836540.tfNysuxc3auERrxEaQe6H%2FrMfEEIniZhNOG5OoOjKKE
qvdt3feo.com/	1970-01-21 02:48:17	Name: sa-user-id-v2 Value: s%3APwNHEmM7XJ5gDb8Tr4NlQGdLC2s.IYYpBGkwCVfGocsMNAnd5p6imbuLHi0tIgBoBKGIXhY
.qvdt3feo.com/	1970-01-21 02:48:17	Name: sa-user-id-v2 Value: s%3APwNHEmM7XJ5gDb8Tr4NlQGdLC2s.IYYpBGkwCVfGocsMNAnd5p6imbuLHi0tIgBoBKGIXhY
qvdt3feo.com/	1970-01-21 02:48:17	Name: sa-user-id-v3 Value: s%3AAQAKIIrklDoTwO_HvkkyEUPoSqV7_vDlD6IWwSV3jTzLsEtQEL0BGAQgkJ_grQYwAToEWZd3AkIEgkep_g.4G6aNkQmpSHPXrYQdl0%2Fvd75J04dVMZU6WgpQKKTcFs
.qvdt3feo.com/	1970-01-21 02:48:17	Name: sa-user-id-v3 Value: s%3AAQAKIIrklDoTwO_HvkkyEUPoSqV7_vDlD6IWwSV3jTzLsEtQEL0BGAQgkJ_grQYwAToEWZd3AkIEgkep_g.4G6aNkQmpSHPXrYQdl0%2Fvd75J04dVMZU6WgpQKKTcFs
.mathtag.com/	1970-01-21 03:28:36	Name: uuid Value: 557365b8-0f90-4600-b06e-cd18794bd505
.go.sonobi.com/	1970-01-20 18:49:29	Name: __uir_st Value: 146143233012348031
.go.sonobi.com/	1970-01-21 02:48:17	Name: __uin_st Value: PwNHEmM7XJ5gDb8Tr4NlQGdLC2s
.linkedin.com/	1970-01-21 02:48:17	Name: bcookie Value: "v=2&629a6a62-7777-4f54-8887-d791876030b4"
.linkedin.com/	1970-01-20 18:04:07	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2849:u=1:x=1:i=1706561424:t=1706647824:v=2:sig=AQGaT1OFo4E3DIeAP6G-ewNAFpgvsrSx"
.amazon-adsystem.com/	1970-01-21 03:38:41	Name: ad-privacy Value: 0
.tapad.com/	1970-01-20 19:29:05	Name: TapAd_3WAY_SYNCS Value: 3!716
.adnxs.com/	1970-01-20 20:12:17	Name: anj Value: dTM7k!M4/YCxrEQF']wIg2GTrmlxRI!]tbP6j2F-.aDabByFnKcfGTUjP+So9N!s_k1KJt?iiOC$Ee!@qF1`b^WY(VBE>
.adnxs.com/	1970-01-20 20:12:17	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxSWkVMWFpYLTFULUZZSkkiLCJleHBpcmVzIjoiMjAyNC0wNC0yOFQyMDo1MDoyNFoifX0sImJpcnRoZGF5IjoiMjAyNC0wMS0yOVQyMDo1MDoyNFoifQ==
.connatix.com/	1970-01-20 18:45:53	Name: cnx_userId Value: aa24691f63a3424b814fa9eb2ba56e6f
.bidr.io/	1970-01-21 03:31:11	Name: bito Value: AACjsk7LcB8AABQ90hT_OQ
.bidr.io/	1970-01-21 03:31:11	Name: bitoIsSecure Value: ok
.analytics.yahoo.com/	1970-01-21 02:48:17	Name: IDSYNC Value: "199m~2ggk:18vk~2ggk:19e0~2ggk"
.sharethrough.com/	1970-01-20 18:45:53	Name: stx_user_id Value: 809bb382-fab2-4154-ad4e-1c3d87410480
.amazon-adsystem.com/	1970-01-20 23:56:55	Name: ad-id Value: Az-03KoLPEV_plCaVFLqbjk
.rubiconproject.com/	1970-01-21 02:48:17	Name: audit Value: 1\|F2E/esa10mFgdzs5Mw9IVcxzcup3ull+UVc10pm952weObUSX1xGaGHtJK781xB/aH0q78M3Ia/qFTrNE4+z9qDrxqInxg513OlDu/ORdD8=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id5-sync.com/k/264.gif?puid=84aafd0b-0af4-4d9d-8b79-676c6031532d&ttl=%%TTL%% Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usersync.gumgum.com/usersync?b=pln&i=ZnbPqM40z0xa&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ads.pubmatic.com
b1sync.zemanta.com
bh.contextweb.com
c0.pubmine.com
c1.adform.net
capi.connatix.com
ced.sascdn.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
de.tynt.com
dp1.33across.com
dpm.demdex.net
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
fonts-api.wp.com
fonts.wp.com
hb.yahoo.net
hde.tynt.com
ib.adnxs.com
ic.tynt.com
id5-sync.com
image6.pubmatic.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
odr.mookie1.com
p.rfihub.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pr-bh.ybp.yahoo.com
public-api.wordpress.com
px.ads.linkedin.com
qvdt3feo.com
r-login.wordpress.com
r.skimresources.com
ref-lek-ti-one-rom-val.blog
rtb-csync.smartadserver.com
rtb.gumgum.com
s.ad.smaato.net
s.amazon-adsystem.com
s.pubmine.com
s.skimresources.com
s0.wp.com
secure-assets.rubiconproject.com
secure.adnxs.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
stats.wp.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.teads.tv
sync.technoratimedia.com
t.adx.opera.com
t.skimresources.com
tg.socdm.com
token.rubiconproject.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
ut.pubmatic.com
visitor.omnitagjs.com
x.bidswitch.net
103.43.90.21
103.43.90.53
104.68.31.231
13.115.174.0
13.228.126.19
141.95.98.65
15.197.193.217
151.101.1.108
151.139.128.10
172.217.24.34
172.64.146.152
172.64.151.101
184.169.159.105
185.184.8.90
185.84.60.20
192.0.76.3
192.0.77.32
192.0.77.38
192.0.78.19
192.0.78.22
192.0.78.25
198.8.71.131
20.127.253.7
207.65.33.83
211.120.53.202
216.200.232.253
23.1.240.138
23.106.127.164
23.106.127.38
23.106.127.56
23.198.59.89
23.204.64.24
23.204.65.234
23.204.65.54
23.55.38.27
2404:6800:4006:809::2008
2406:da18:929:5a01:91d6:7dd1:d2a5:7023
2600:9000:2083:cc00:1b:5138:8a40:93a1
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:2800:10c:84af:88cd:a4c9:e204:b71d
2620:1ec:21::14
3.213.224.25
34.111.113.62
34.111.79.67
34.117.239.71
34.215.225.192
35.190.59.101
35.201.67.47
35.213.12.39
35.244.159.8
35.71.178.8
52.46.128.147
52.71.215.193
52.76.134.18
52.95.125.22
54.145.188.191
54.156.106.93
54.238.120.71
54.95.222.155
64.202.112.127
67.199.150.80
67.199.150.85
67.202.105.22
67.202.105.24
67.202.105.31
67.202.105.33
69.173.158.64
72.34.250.75
74.214.196.131
8.18.47.7
8.43.72.97
82.145.213.8
98.98.134.242
02f9d88f20a2389ec219ac0d59cf9748d8f8f552a16d592494018a21a04efa70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1284252c0fbd4c05cf335d0e9694befe652a1fee9b55433c14a7014ab9754950
132f31fc74c7d18884c7c9163058e34a1d37acc7631232ea21baee9c3b90beaf
1b3ca133575b7b4eaba1afdd8eacb98be8605603d323360ae79b094d90710277
202089342de87a37bfe8232e213d337b276253b318f9ffce0fc5f9fecf3f7020
221d05ad70ffcff2baa6543953b57372b7096ab0b403f9106c8750996ec7b9ea
28725bb710c49bdbc2c33ae596fbd6d897715d2a8283c768f7ea29819406d9f9
28f17848c3b64ee19d529aa7caeedd1e2a389837e1310fb74e6175a7ce5cb185
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bd27fb4cdd30b9b0c730e44a8ec482a49dbf95eaa5c3f399c816dfef9990beb
2d13d054dec619ab84fd414a83959ab61fb660553b23ba9aaf43f7c4940e5b96
35dfb3e21acbb626befad4937c1162b219c250ed0f863fa65d9fb2c9f9c1dabe
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4454d9d3961cb38ef425de34b4e6173fe6d284f8625c74c6d125aec648a25d08
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
482557e9a36abd333794bc970936371d1e516a179f73fb5765f67af03c854e98
492e3360fd48e4ecce938c07d1c35d06b129661bd0be387adda08e077b64c77a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55967e8b48ca861fd270485e79457039512b1a4dbdb3a572741c0aa737bca814
57782ba861b1a75737715f4186c774e1a5dac2ab514d63c51c74a72c5a613b9d
5e2a013bec81adba8c4fa7ae3e4ff0d238a34b0e8ebe301d8b3866d1cdcbb326
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6550610a8b8c68c259d1b261e9d8eec342fbb65a1f8c74ba40a995aea363e4a5
667bf42b6718c05fa0121720bc1d20d73e2a0e33a7d4df9c9255e0bc95beda86
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732
71df132c94f689f31822d47f4c4651b3639b7eb548a20bac80d9f30f686312a3
79674b01741c3978417b6b9b4b98d125755e7bb468979d5cd593eac4b94cdb91
820499f827121023aaa9f93a0abb0bea4c3a318737bd14689bb9c81cbc4afb2a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8664f6b61a5bdf0f339c1ef04532e924a52f6b77003c6fb47da16ab4a779d008
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
906f18075913738d5463a9d00bade872fd6aa0e7a6994a79b4447b0b14626ea7
946fca3834122da27d870ea4baae4040183c10a875cddc4e60c583444f823102
947d703f577549cbb0b1a4143f3b363ec9c7cf309587d5b12b87f0e64ff99db4
963ef2b3b0a8b5db60d69df5814239c385bc4e8e8781c6c24bc7390457e1e6dc
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a900c75ff4b94ebc8ba82768df4345bb01390ef53ed59b933cae77d6cbd351f
9b09fce25bd8c396410d60a125123e72e75042ce6a2637c23d647a26d47d10c3
9c83b89ab9d2677980617afacb833a74da3050a2d3d711176b500d7922e49ab5
9da68a2041121bd70ba1224bd2240dea9ef6ca2e8a07d500c4d74d731c127f13
9ee6202a67a5fb72b72d7f98eeec222cccbe7da0cc58ebf3f15326653ea24608
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a6dc271cbdaa05e97c5144483628df9e30b68326e5b04a5fef3322af1c0f22e0
a7aa369071e3a50369a4511c4258ca53d1f041884bbeab829121914842ff60f2
a914ebd8267f0641e0ebd8333aa52a13ec9635160335147b7d90aed18c6db017
aea0ca7e2cf658b802e1dfa9c69b17fc6b701f22935c8d323382458b1798288a
b32ac08ac704f56f164eca7ed8dbc4ff2c50dff8f9e3527d2c52c93081672b02
b88bc818f09d63feaa1a980f7a5c59ef6afab11e7e426623b620fc50f1edf231
b958d10b8b3d47942c376576786aefa35104a54cb3470766386b5763eb63b1ce
c0e93b5ebf107af77d9e7d101d186b3b93e9d5ad4fbb6a74e2dea60173cc04f8
c1e19fc3e6904501de37c171da1f3747ed0dfccf0e02277e9f50e1153e4a6277
c1e62caa83381d8a3c58be2a17f28bff4176e8ddcd882bb923f3152852c06df9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3a5165ca7cfe2156bdf923a180ee73fa4fe0ed030334ee1d688dedf53876600
c6f921178c04e85a2499b306b750c3404727a71e251c88d8d4b905aba13545ee
cda692c4f59ce9eccdff074cdee62a9fb02477d7bae319bbc3d3544606562e4a
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de87ef766937eaf5107ea3e9a2a378f39aa123abfc451de76e011f887be28b39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

ref-lek-ti-one-rom-val.blog Open in urlscan Pro 192.0.78.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

146 Requests

64 %HTTPS

8 %IPv6

51 Domains

79 Subdomains

47 IPs

9 Countries

1206 kBTransfer

2444 kBSize

85 Cookies

9 Outgoing links

Page URL History

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ref-lek-ti-one-rom-val.blog Open in urlscan Pro
192.0.78.25 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

64 %
HTTPS

8 %
IPv6

51
Domains

79
Subdomains

47
IPs

9
Countries

1206 kB
Transfer

2444 kB
Size

85
Cookies

146 HTTP transactions
1 data transactions