ref-lek-ti-one-rom-val.blog Open in urlscan Pro
192.0.78.24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ref-lek-ti-one-rom-val.blog/
Effective URL:
https://ref-lek-ti-one-rom-val.blog/
Submission Tags: @phish_report
Submission: On January 29 via api (January 29th 2024, 8:58:27 pm UTC) from FI — Scanned from NZ

Summary HTTP 154 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 47 IPs in 10 countries across 55 domains to perform 154 HTTP transactions. The main IP is 192.0.78.24, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is ref-lek-ti-one-rom-val.blog.
TLS certificate: Issued by R3 on January 29th 2024. Valid for: 3 months.

This is the only time ref-lek-ti-one-rom-val.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	192.0.78.24 192.0.78.24	2635 (AUTOMATTIC) (AUTOMATTIC)
18	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
1	104.99.59.34 104.99.59.34	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
23	54.215.152.213 54.215.152.213	16509 (AMAZON-02) (AMAZON-02)
3	2404:6800:400... 2404:6800:4006:804::2008	15169 (GOOGLE) (GOOGLE)
1	192.0.78.23 192.0.78.23	2635 (AUTOMATTIC) (AUTOMATTIC)
6 7	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
8	23.198.59.89 23.198.59.89	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.0.78.19 192.0.78.19	2635 (AUTOMATTIC) (AUTOMATTIC)
1	67.199.150.80 67.199.150.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	192.0.77.38 192.0.77.38	2635 (AUTOMATTIC) (AUTOMATTIC)
1 9	72.34.250.75 72.34.250.75	27630 (AS-XFERNET) (AS-XFERNET)
6 6	18.143.106.89 18.143.106.89	16509 (AMAZON-02) (AMAZON-02)
1 1	23.106.127.53 23.106.127.53	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13 13	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1 3	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
1	2606:2800:10c... 2606:2800:10c:84af:88cd:a4c9:e204:b71d	15133 (EDGECAST) (EDGECAST)
1 1	44.236.119.85 44.236.119.85	16509 (AMAZON-02) (AMAZON-02)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9 10	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:208... 2600:9000:2083:5000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	57.180.149.130 57.180.149.130	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
8	23.204.65.234 23.204.65.234	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.204.64.24 23.204.64.24	16625 (AKAMAI-AS) (AKAMAI-AS)
5 8	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.204.65.54 23.204.65.54	16625 (AKAMAI-AS) (AKAMAI-AS)
14 22	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.223.2.229 52.223.2.229	16509 (AMAZON-02) (AMAZON-02)
5 6	103.43.90.53 103.43.90.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	23.106.127.57 23.106.127.57	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
7 7	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	119.9.108.191 119.9.108.191	45187 (RACKSPACE...) (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong)
2 2	54.153.211.209 54.153.211.209	16509 (AMAZON-02) (AMAZON-02)
2 4	185.84.60.23 185.84.60.23	198622 (ADFORM) (ADFORM)
1	67.199.150.81 67.199.150.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	103.43.90.179 103.43.90.179	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2603:c020:400... 2603:c020:400d:3000:f50:982a:7877:65bd	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	207.65.33.76 207.65.33.76	62713 (AS-PUBMATIC) (AS-PUBMATIC)
12	52.38.203.118 52.38.203.118	16509 (AMAZON-02) (AMAZON-02)
1	34.111.79.67 34.111.79.67	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	54.204.112.220 54.204.112.220	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.86.75.60 52.86.75.60	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2406:da18:929... 2406:da18:929:5a01:dcfb:166e:80ad:dfdd	16509 (AMAZON-02) (AMAZON-02)
2 2	54.146.3.211 54.146.3.211	14618 (AMAZON-AES) (AMAZON-AES)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
2 2	64.202.112.127 64.202.112.127	23352 (SERVERCEN...) (SERVERCENTRAL)
2 2	74.214.196.131 74.214.196.131	19189 (PULSEPOINT) (PULSEPOINT)
1 1	23.106.127.39 23.106.127.39	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
4 10	172.217.24.34 172.217.24.34	15169 (GOOGLE) (GOOGLE)
1 1	124.146.153.161 124.146.153.161	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
4 4	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3 3	104.68.31.231 104.68.31.231	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	198.8.71.130 198.8.71.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 2	34.193.170.224 34.193.170.224	14618 (AMAZON-AES) (AMAZON-AES)
9	34.117.239.71 34.117.239.71	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	74.121.140.211 74.121.140.211	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 4	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1 1	2620:116:800e... 2620:116:800e:21:46d:7e81:55ff:4c12	16509 (AMAZON-02) (AMAZON-02)
2 3	54.239.38.253 54.239.38.253	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2 2	44.240.244.248 44.240.244.248	16509 (AMAZON-02) (AMAZON-02)
1	52.220.70.131 52.220.70.131	16509 (AMAZON-02) (AMAZON-02)
1 2	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.72.70.27 104.72.70.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2600:9000:243... 2600:9000:243a:d200:1a:5235:f980:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	13.35.147.78 13.35.147.78	16509 (AMAZON-02) (AMAZON-02)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	35.201.67.47 35.201.67.47	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
154	47

3 192.0.78.24 (San Francisco, United States) 2 redirects

ASN2635 (AUTOMATTIC, US)

www.ref-lek-ti-one-rom-val.blog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ref-lek-ti-one-rom-val.blog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts-api.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.99.59.34 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-99-59-34.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 54.215.152.213 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-215-152-213.us-west-1.compute.amazonaws.com

s.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4006:804::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

public-api.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 162.19.138.119 (Frankfurt am Main, Germany) 6 redirects

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.198.59.89 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-59-89.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.19 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

r-login.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.150.80 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)

ut.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.38 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 72.34.250.75 (Hemet, United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.143.106.89 (Singapore, Singapore) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.53 (Singapore, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 67.202.105.24 (Chicago, United States) 13 redirects

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.105.33 (Chicago, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:10c:84af:88cd:a4c9:e204:b71d (United States)

ASN15133 (EDGECAST, US)

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.236.119.85 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-119-85.us-west-2.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.213.12.39 (Tokyo, Japan) 9 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2083:5000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 57.180.149.130 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-57-180-149-130.ap-northeast-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.204.65.234 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-65-234.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.64.24 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-64-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.244.159.8 (Kansas City, United States) 5 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.65.54 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-65-54.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 69.173.158.64 (Singapore, Singapore) 14 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.2.229 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.43.90.53 (Singapore, Singapore) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.57 (Singapore, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.223.40.198 (United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.9.108.191 (Hong Kong) 2 redirects

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.153.211.209 (Sydney, Australia) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-211-209.ap-southeast-2.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.84.60.23 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.150.81 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.43.90.179 (Singapore, Singapore) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.65.33.76 (United States)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.38.203.118 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-203-118.us-west-2.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.79.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.79.111.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.204.112.220 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-112-220.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.86.75.60 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-75-60.compute-1.amazonaws.com

qvdt3feo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:da18:929:5a01:dcfb:166e:80ad:dfdd (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.146.3.211 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-3-211.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.127 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.214.196.131 (Sunnyvale, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.39 (Singapore, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.24.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.161 (Miyado, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.90 (Amsterdam, Netherlands) 4 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.68.31.231 (Sydney, Australia) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-68-31-231.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.8.71.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.170.224 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-170-224.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com

events-ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.121.140.211 (Reston, United States) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 98.98.134.243 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:46d:7e81:55ff:4c12 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.239.38.253 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.240.244.248 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-244-248.us-west-2.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.70.131 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-70-131.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.146.152 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.72.70.27 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-72-70-27.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:243a:d200:1a:5235:f980:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.147.78 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-78.syd1.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync1.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	rubiconproject.com 18 redirects eus.rubiconproject.com — Cisco Umbrella Rank: 579 pixel.rubiconproject.com — Cisco Umbrella Rank: 381 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967 token.rubiconproject.com — Cisco Umbrella Rank: 477 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274	67 KB
24	pubmine.com s.pubmine.com — Cisco Umbrella Rank: 16700 c0.pubmine.com — Cisco Umbrella Rank: 35567	76 KB
23	wp.com s0.wp.com — Cisco Umbrella Rank: 8186 fonts-api.wp.com — Cisco Umbrella Rank: 16464 stats.wp.com — Cisco Umbrella Rank: 2723 fonts.wp.com — Cisco Umbrella Rank: 17444 pixel.wp.com — Cisco Umbrella Rank: 2679	776 KB
22	33across.com 13 redirects ssc-cms.33across.com — Cisco Umbrella Rank: 901 events-ssc.33across.com — Cisco Umbrella Rank: 1615	9 KB
13	gumgum.com rtb.gumgum.com — Cisco Umbrella Rank: 1478 usersync.gumgum.com — Cisco Umbrella Rank: 1988	4 KB
12	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 535 ut.pubmatic.com — Cisco Umbrella Rank: 7383 image6.pubmatic.com — Cisco Umbrella Rank: 805 simage4.pubmatic.com — Cisco Umbrella Rank: 1277	169 KB
10	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 260	2 KB
10	adnxs.com 7 redirects acdn.adnxs.com — Cisco Umbrella Rank: 598 ib.adnxs.com — Cisco Umbrella Rank: 253 secure.adnxs.com — Cisco Umbrella Rank: 490	8 KB
10	bidswitch.net 9 redirects x.bidswitch.net — Cisco Umbrella Rank: 373	6 KB
9	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 976	8 KB
8	openx.net 5 redirects u.openx.net — Cisco Umbrella Rank: 683 us-u.openx.net — Cisco Umbrella Rank: 524	1 KB
8	yahoo.com 8 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 358 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	3 KB
7	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801 s.amazon-adsystem.com — Cisco Umbrella Rank: 326	5 KB
7	adsrvr.org 7 redirects match.adsrvr.org — Cisco Umbrella Rank: 357	3 KB
7	id5-sync.com 6 redirects id5-sync.com — Cisco Umbrella Rank: 425	9 KB
5	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 4213 t.skimresources.com — Cisco Umbrella Rank: 4334 r.skimresources.com — Cisco Umbrella Rank: 4122	20 KB
4	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 722	1 KB
4	creativecdn.com 4 redirects creativecdn.com — Cisco Umbrella Rank: 564	1 KB
4	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	2 KB
3	tynt.com 1 redirects de.tynt.com — Cisco Umbrella Rank: 1526 ic.tynt.com — Cisco Umbrella Rank: 11236	7 KB
3	smartadserver.com 3 redirects ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1724 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669 ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	1 KB
3	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 570	17 KB
3	ref-lek-ti-one-rom-val.blog 2 redirects www.ref-lek-ti-one-rom-val.blog ref-lek-ti-one-rom-val.blog	22 KB
2	intentiq.com 1 redirects sync.intentiq.com — Cisco Umbrella Rank: 880 sync1.intentiq.com — Cisco Umbrella Rank: 3054	2 KB
2	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 1105	522 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 555	1 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 1331	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	1 KB
2	contextweb.com 2 redirects bh.contextweb.com — Cisco Umbrella Rank: 523	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 626	1 KB
2	ipredictive.com 2 redirects sync.ipredictive.com — Cisco Umbrella Rank: 906	958 B
2	qvdt3feo.com 2 redirects qvdt3feo.com — Cisco Umbrella Rank: 4307	3 KB
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 730	395 B
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1074	1 KB
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1382	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 412	888 B
2	technoratimedia.com 1 redirects ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 5647 sync.technoratimedia.com — Cisco Umbrella Rank: 1913	7 KB
2	casalemedia.com 1 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497	2 KB
2	wordpress.com public-api.wordpress.com — Cisco Umbrella Rank: 9533 r-login.wordpress.com — Cisco Umbrella Rank: 27867	821 B
1	primis.tech 1 redirects live.primis.tech — Cisco Umbrella Rank: 1495	537 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 773	612 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 508	281 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 349	515 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	454 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 1217	505 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 841	736 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1525	834 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1026	44 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1375	204 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1376	305 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 709	12 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 662	495 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1482	713 B
1	omnitagjs.com 1 redirects visitor.omnitagjs.com — Cisco Umbrella Rank: 731	460 B
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 10545	37 KB
154	55

	Domain	Requested by
23	s.pubmine.com	ref-lek-ti-one-rom-val.blog c0.pubmine.com ssum-sec.casalemedia.com rtb.gumgum.com de.tynt.com
14	s0.wp.com	ref-lek-ti-one-rom-val.blog
13	pixel.rubiconproject.com	9 redirects ref-lek-ti-one-rom-val.blog
13	ssc-cms.33across.com	13 redirects
12	usersync.gumgum.com	rtb.gumgum.com
10	cm.g.doubleclick.net	4 redirects rtb.gumgum.com sync.go.sonobi.com ref-lek-ti-one-rom-val.blog
10	x.bidswitch.net	9 redirects c0.pubmine.com
9	events-ssc.33across.com	de.tynt.com us-u.openx.net ref-lek-ti-one-rom-val.blog
9	token.rubiconproject.com	5 redirects eus.rubiconproject.com
9	sync.go.sonobi.com	1 redirects c0.pubmine.com sync.go.sonobi.com
8	eus.rubiconproject.com	c0.pubmine.com eus.rubiconproject.com rtb.gumgum.com de.tynt.com
8	ads.pubmatic.com	s0.wp.com ads.pubmatic.com c0.pubmine.com rtb.gumgum.com simage4.pubmatic.com
7	match.adsrvr.org	7 redirects
7	id5-sync.com	6 redirects ced.sascdn.com
6	us-u.openx.net	4 redirects de.tynt.com
6	ib.adnxs.com	5 redirects ref-lek-ti-one-rom-val.blog
6	ups.analytics.yahoo.com	6 redirects
4	s.amazon-adsystem.com	2 redirects ref-lek-ti-one-rom-val.blog
4	pixel-sync.sitescout.com	2 redirects de.tynt.com
4	creativecdn.com	4 redirects
4	c1.adform.net	2 redirects ref-lek-ti-one-rom-val.blog rtb.gumgum.com
4	pixel.wp.com	ref-lek-ti-one-rom-val.blog
3	aax-eu.amazon-adsystem.com	2 redirects ref-lek-ti-one-rom-val.blog
3	secure-assets.rubiconproject.com	3 redirects
3	secure.adnxs.com	2 redirects ref-lek-ti-one-rom-val.blog
3	fonts.wp.com	fonts-api.wp.com
3	ssl.google-analytics.com	ref-lek-ti-one-rom-val.blog ssl.google-analytics.com
2	r.skimresources.com	s.skimresources.com
2	t.skimresources.com	s.skimresources.com
2	capi.connatix.com	1 redirects ref-lek-ti-one-rom-val.blog
2	match.prod.bidr.io	2 redirects
2	sync.mathtag.com	2 redirects
2	dpm.demdex.net	1 redirects sync.go.sonobi.com
2	bh.contextweb.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	sync.ipredictive.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	qvdt3feo.com	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	simage4.pubmatic.com	ads.pubmatic.com
2	ps.eyeota.net	2 redirects
2	uipglob.semasio.net	2 redirects
2	eb2.3lift.com	2 redirects
2	u.openx.net	1 redirects c0.pubmine.com
2	de.tynt.com	c0.pubmine.com
2	ssum-sec.casalemedia.com	1 redirects c0.pubmine.com
2	www.ref-lek-ti-one-rom-val.blog	2 redirects
1	s.skimresources.com	c0.pubmine.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	sync1.intentiq.com	ref-lek-ti-one-rom-val.blog
1	sync.intentiq.com	1 redirects
1	live.primis.tech	1 redirects
1	hb.yahoo.net	ref-lek-ti-one-rom-val.blog
1	match.sharethrough.com	ref-lek-ti-one-rom-val.blog
1	px.ads.linkedin.com	ref-lek-ti-one-rom-val.blog
1	cms.quantserve.com	1 redirects
1	t.adx.opera.com	1 redirects
1	p.rfihub.com	1 redirects
1	tg.socdm.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	match.deepintent.com	rtb.gumgum.com
1	odr.mookie1.com	rtb.gumgum.com
1	sync.technoratimedia.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	rtb-csync.smartadserver.com	1 redirects
1	sync.teads.tv	c0.pubmine.com
1	contextual.media.net	c0.pubmine.com
1	acdn.adnxs.com	c0.pubmine.com
1	rtb.gumgum.com	c0.pubmine.com
1	s.ad.smaato.net	1 redirects
1	sync.inmobi.com	1 redirects
1	visitor.omnitagjs.com	1 redirects
1	ic.tynt.com	1 redirects
1	ad-cdn.technoratimedia.com	c0.pubmine.com
1	ssbsync-global.smartadserver.com	1 redirects
1	c0.pubmine.com	ref-lek-ti-one-rom-val.blog
1	ut.pubmatic.com	ads.pubmatic.com
1	r-login.wordpress.com	ref-lek-ti-one-rom-val.blog
1	public-api.wordpress.com	ref-lek-ti-one-rom-val.blog
1	stats.wp.com	ref-lek-ti-one-rom-val.blog
1	ced.sascdn.com	ref-lek-ti-one-rom-val.blog
1	fonts-api.wp.com	ref-lek-ti-one-rom-val.blog
1	ref-lek-ti-one-rom-val.blog
154	83

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
wordpress.com
reflektioneromval.wordpress.com
en.wordpress.com
subscribe.wordpress.com
automattic.com

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-14` - `2024-07-17`	a year	crt.sh
s.pubmine.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-02` - `2024-10-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.wordpress.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
c0.pubmine.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-04` - `2024-05-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
*.technoratimedia.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-15`	a year	crt.sh
jp-ad-exch-prd-two-eks.prd.eks.jp.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-08-31` - `2024-09-28`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2023-12-01` - `2025-01-01`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.ad-server.k8s.or.ggops.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-16`	a year	crt.sh
events-ssc.33across.com GTS CA 1D4	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.skimresources.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-11-07`	a year	crt.sh

This page contains 41 frames:

Primary Page: https://ref-lek-ti-one-rom-val.blog/
Frame ID: 552A36D96D3BBF37D8608402962F30DB
Requests: 52 HTTP requests in this frame

Frame: https://r-login.wordpress.com/remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9yZWYtbGVrLXRpLW9uZS1yb20tdmFsLmJsb2c%3D&wpcomid=116229836&time=1706561894
Frame ID: BB96D67011E64464362E17B20298B444
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=13&external_user_id=c8d2749f-d403-474e-b836-a7f694dc9fb7&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=
Frame ID: FF2D0213C686816F748C5E6DEC87553D
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html
Frame ID: E092EA28F2BFAA8B3B7C95BB5DC46C39
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Frame ID: DA3E50EEDA827B1EDB2B968F9CFE187A
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=27&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&external_user_id=y-zhLHBrNE2uGSg5vYTwP5wqucO8v1PO3aavi9tGI-~A&gdpr=0
Frame ID: F03218853788182584BB69B27AB36359
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=23&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=6734133632593332779
Frame ID: A00A3782B8BC98D30BA2F405F2BF3598
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D&gdpr=0&gdpr_consent=&s=197465&us_privacy=&C=1
Frame ID: 70B18D2F4D4A68A0EAA62B3F08631514
Requests: 2 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Frame ID: DB5CCB66675FC970B2E2F0D8B06DDE5E
Requests: 6 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%5BUSER_ID%5D
Frame ID: 96BD0DC5A4F396DAA6F0D4BC3FD880C4
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D26%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Frame ID: EF531AE3FDBD5BAA6F0FA0EEF60681A4
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Frame ID: 297D7E2A624088C855163DB7EF53AD9C
Requests: 6 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=22&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=f92916907b1d12017859e3b85781bf35
Frame ID: BE1AB41479FD1F5F070FF1219A2C61C2
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=20&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ID5-6e33yLx9amxYuXRSNSzVW39eEY__DBOY1uwdEsaxCA
Frame ID: 07C385581D972527C530B60913D9F052
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=18&external_user_id=&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=
Frame ID: B12BA5FAC7A49BEA917DD5E622190B56
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=29&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=921f890dca
Frame ID: 7116C1E869105C54578F5A0134E7D4C1
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=15&external_user_id=y-t5imU1VE2uGuIPIQPNKiBogxvYOlSXYleD8lojM-~A&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516
Frame ID: A304786806F5E3B20CADBFC61159E3EE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Frame ID: 2F1197C2D817E2B4074672B1B474FEC7
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 735742306220D66FAB58ADF3DF8A2DE2
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156204&gdpr=0&gdpr_consent=
Frame ID: 917A1DDD800345495F07D79BDB069271
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DB3AC5158A0B1BE16AE511BD33956010
Requests: 19 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Frame ID: 90E02DC10300BBE82251040CC1A985A1
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: 841F8C71665E3956D0F0F7A8F1321C56
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe
Frame ID: ADB44ACBB2AB3FB1EB7E59A3410DA07E
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: C39FDBAFFA573BD99D43C42B02ACCDE9
Requests: 1 HTTP requests in this frame

Frame: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156204&sc=1&u=735ED72E-AE86-49E4-A999-A2CE3D4C8400&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: B167DB12D6BD2985BAA033741A2AD446
Requests: 1 HTTP requests in this frame

Frame: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156204&sc=1&u=735ED72E-AE86-49E4-A999-A2CE3D4C8400&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 2DB89CD36955F9541D2AE45F0F3D1EEE
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
Frame ID: 057F4EDFC4CB214069A14AED985BB3A1
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hMTRkZGQ0NC1hYTFiLTQ4MjctOTYxNS1mOWMzYjU2YTAxNDE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
Frame ID: 13E17C1E372817CB16D31E3537D2AB40
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: F8B8F1427315B773F9C50144046D50D7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=43a4982c-151d-422a-9f30-e68972fa9133
Frame ID: 0215E8FEF7ABB6331E31FAC4B1F20666
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZbgRacCo8YAAAMYPOMwAAAAA
Frame ID: 98759EF58BDE920E036D0CB6D3B4753A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=6-m-AlUpbKtQUxlVUyGGSB0-3NqsrceanbMu1_wucDA&pi=gumgum&tc=1
Frame ID: 5D48021F3220E77408A5B7D89700E009
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 7EF8824CF25CEA894F941D469D9EC57B
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 3264F5EAB9B895F2E9A1B2CA37EAF7D2
Requests: 4 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 63CAED1DE3FCAC46D9C66A7BD056B2D1
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: DAE11974C7D78B3FC71B80C7F3600C9A
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 11FF4BCC0591B27AE9D2C1D41271338B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D735ED72E-AE86-49E4-A999-A2CE3D4C8400%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
Frame ID: D2B3E7B3D742B771DB9E7D710853E158
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D735ED72E-AE86-49E4-A999-A2CE3D4C8400%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
Frame ID: 8B5131E03B91FDAFE967886836D9227C
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.3531928030663236
Frame ID: 06D5487F5E0AFF301F8853F77A108559
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

På nya äventyr – En resa genom främmande land

Page URL History Show full URLs

http://www.ref-lek-ti-one-rom-val.blog/ HTTP 301
https://www.ref-lek-ti-one-rom-val.blog/ HTTP 301
https://ref-lek-ti-one-rom-val.blog/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

154
Requests

63 %
HTTPS

11 %
IPv6

55
Domains

83
Subdomains

47
IPs

10
Countries

1221 kB
Transfer

2485 kB
Size

91
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/watch?v=7zrGSAWyERM
Title: How to be a Great Game Master – 5 Secrets To Making an Awesome Adventure.

Search URL Search Domain Scan URL

URL: https://wordpress.com/?ref=footer_website
Title: Skapa en gratis webbplats eller blogg på WordPress.com.

Search URL Search Domain Scan URL

URL: https://wordpress.com/log-in?redirect_to=https%3A%2F%2Fr-login.wordpress.com%2Fremote-login.php%3Faction%3Dlink%26back%3Dhttps%253A%252F%252Fref-lek-ti-one-rom-val.blog%252F2020%252F08%252F01%252Fgoblin-kungen%252F
Title: Logga in nu.

Search URL Search Domain Scan URL

URL: https://reflektioneromval.wordpress.com/wp-admin/customize.php?url=https%3A%2F%2Freflektioneromval.wordpress.com%2F
Title: Anpassa

Search URL Search Domain Scan URL

URL: https://wordpress.com/start/
Title: Registrera

Search URL Search Domain Scan URL

URL: http://en.wordpress.com/abuse/?report_url=https://ref-lek-ti-one-rom-val.blog
Title: Rapportera detta innehåll

Search URL Search Domain Scan URL

URL: https://wordpress.com/read/feeds/95181640
Title: Visa webbplats i Inläggsvyn

Search URL Search Domain Scan URL

URL: https://subscribe.wordpress.com/
Title: Hantera prenumerationer

Search URL Search Domain Scan URL

URL: https://automattic.com/cookies/
Title: Cookie-policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ref-lek-ti-one-rom-val.blog/ HTTP 301
https://www.ref-lek-ti-one-rom-val.blog/ HTTP 301
https://ref-lek-ti-one-rom-val.blog/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D13%26external_user_id%3D%5BUID%5D%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://s.pubmine.com/match?bidder_id=13&external_user_id=c8d2749f-d403-474e-b836-a7f694dc9fb7&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=

Request Chain 36

https://ups.analytics.yahoo.com/ups/58666/occ?uid=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58666/occ?uid=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://s.pubmine.com/match?bidder_id=27&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&external_user_id=y-zhLHBrNE2uGSg5vYTwP5wqucO8v1PO3aavi9tGI-~A&gdpr=0

Request Chain 37

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&US_privacy=&redirectUri=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D23%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D[ssb_sync_pid] HTTP 302
https://s.pubmine.com/match?bidder_id=23&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=6734133632593332779

Request Chain 38

https://ssum-sec.casalemedia.com/usermatch?s=197465&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D&gdpr=0&gdpr_consent=&s=197465&us_privacy=&C=1

Request Chain 39

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 302
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D

Request Chain 42

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz HTTP 307
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz

Request Chain 43

https://visitor.omnitagjs.com/visitor/bsync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D22%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D[BUYER_USERID] HTTP 307
https://s.pubmine.com/match?bidder_id=22&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=f92916907b1d12017859e3b85781bf35

Request Chain 44

https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D20%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=&callback=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D20%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%7BID5UID%7D HTTP 302
https://s.pubmine.com/match?bidder_id=20&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ID5-6e33yLx9amxYuXRSNSzVW39eEY__DBOY1uwdEsaxCA

Request Chain 45

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D18%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://s.pubmine.com/match?bidder_id=18&external_user_id=&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=

Request Chain 46

https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D29%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%24UID HTTP 302
https://s.pubmine.com/match?bidder_id=29&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=921f890dca

Request Chain 47

https://ups.analytics.yahoo.com/ups/58366/occ?uid=e9656c5a-7d53-4058-9c9e-294d65744516 HTTP 302
https://ups.analytics.yahoo.com/ups/58366/occ?uid=e9656c5a-7d53-4058-9c9e-294d65744516&verify=true HTTP 302
https://s.pubmine.com/match?bidder_id=15&external_user_id=y-t5imU1VE2uGuIPIQPNKiBogxvYOlSXYleD8lojM-~A&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516

Request Chain 53

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 58

https://pixel.rubiconproject.com/exchange/sync.php?p=18894&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://s.pubmine.com/match?bidder_id=14&external_user_id=LRZEW3ES-P-TH4&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0

Request Chain 59

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D12%26external_user_id%3D%24UID%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D12%26external_user_id%3D%24UID%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://s.pubmine.com/match?bidder_id=12&external_user_id=1952969358335973430116&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=

Request Chain 60

https://ib.adnxs.com/getuid?https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D10%26external_user_id%3D%24UID%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.pubmine.com%252Fmatch%253Fbidder_id%253D10%2526external_user_id%253D%2524UID%2526ssp_data%253De9656c5a-7d53-4058-9c9e-294d65744516%2526rid%253D%2526us_privacy%253D%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://s.pubmine.com/match?bidder_id=10&external_user_id=390099430234994453&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=

Request Chain 61

https://x.bidswitch.net/sync?ssp=wordpress&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&user_id=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0&gdpr_consent= HTTP 302
https://s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0&gdpr_consent=

Request Chain 62

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D1%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 302
https://s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 63

https://ssc-cms.33across.com/ps/?ri=0010b00002CphGRAAZ&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://s.pubmine.com/match?bidder_id=6&external_user_id=212441020506510&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=

Request Chain 65

https://id5-sync.com/i/102/8.gif?id5id=ID5*07Qxuu-8NOdV7aI6gMm92TErmKjv-h27cs_0Mb_oLxeALTi9lvn4lAp_7B9wCstCgC7xo9txmfoDxNgB2x_Gdg&o=api&gdpr_consent=undefined&gdpr=0 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-6e33yLx9amxYuXRSNSzVW39eEY__DBOY1uwdEsaxCA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/102/7/2.gif?puid=107412159050058478&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=43a4982c-151d-422a-9f30-e68972fa9133&ttl=%%TTL%% HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F5%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F5%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/102/112/5/4.gif?puid=EDEB08B18D447FC&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F4%2F5.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F4%2F5.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/102/123/4/5.gif?puid=18d57040cbb-f780000010d421f&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F3%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F3%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0

Request Chain 67

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Request Chain 71

https://sync.technoratimedia.com/services?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%5BUSER_ID%5D&srv=cs&att=99 HTTP 307
https://s.pubmine.com/match?bidder_id=30&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=GDPR

Request Chain 75

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=390099430234994453

Request Chain 76

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_a14ddd44-aa1b-4827-9615-f9c3b56a0141&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=b545d74e-e7cc-4e07-b487-8f5952d3a59f&ssp=gumgum2&gdpr=0&gdpr_consent=

Request Chain 77

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=3d9058ad-f013-408a-9558-280d63545279

Request Chain 78

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://qvdt3feo.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-3f034712-633b-5c9e-600d-bf13af836540$ip$103.75.11.107

Request Chain 79

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-7.tUK2BE2pd56PBQ8GCFQ5pxcIW3wK9OFvZB~A

Request Chain 80

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=19446123-c6b0-4547-a915-82d7244ec1ab

Request Chain 82

https://b1sync.zemanta.com/usersync/gumgum/?puid=a_a14ddd44-aa1b-4827-9615-f9c3b56a0141&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=a_a14ddd44-aa1b-4827-9615-f9c3b56a0141&s=2&us_privacy= HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=wRzZcf6xp5O2ShlVIzxa&gdpr=0

Request Chain 83

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=3GaNu3pmOEWg&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

Request Chain 84

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=3671503422885759718

Request Chain 86

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hMTRkZGQ0NC1hYTFiLTQ4MjctOTYxNS1mOWMzYjU2YTAxNDE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hMTRkZGQ0NC1hYTFiLTQ4MjctOTYxNS1mOWMzYjU2YTAxNDE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=

Request Chain 89

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=ttd&i=43a4982c-151d-422a-9f30-e68972fa9133

Request Chain 90

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZbgRacCo8YAAAMYPOMwAAAAA

Request Chain 91

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=6-m-AlUpbKtQUxlVUyGGSB0-3NqsrceanbMu1_wucDA&pi=gumgum&tc=1

Request Chain 92

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 93

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=b545d74e-e7cc-4e07-b487-8f5952d3a59f&google_hm=YjU0NWQ3NGUtZTdjYy00ZTA3LWI0ODctOGY1OTUyZDNhNTlm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=sonobi&bsw_param=b545d74e-e7cc-4e07-b487-8f5952d3a59f&google_hm=YjU0NWQ3NGUtZTdjYy00ZTA3LWI0ODctOGY1OTUyZDNhNTlm&google_tc=

Request Chain 94

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us.gif?nw=td&nuid=9ee3b15a-9c6e-49de-b000-23cb147cd44e&pubid=

Request Chain 95

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=4545175990075894257

Request Chain 96

https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
https://qvdt3feo.com/sync?nid=286 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=st&nuid=PwNHEmM7XJ5gDb8Tr4NlQGdLC2s

Request Chain 97

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=1fceaeba-7de2-4dcd-8065-2a0d811b49a3&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=aEMweE5FVWFKeldXcnpoMzZ3UnFNZw&gdpr=&gdpr_consent=

Request Chain 98

https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=6-m-AlUpbKtQUxlVUyGGSB0-3NqsrceanbMu1_wucDA&pi=sonobi&tc=1

Request Chain 99

https://t.adx.opera.com/pub/sync?pubid=pub9935550313792 HTTP 302
https://sync.go.sonobi.com/us.gif?nuid=OPUe72c199cbe28429b911f3f869734bd61&nw=oa

Request Chain 100

https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=390099430234994453

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MWZjZWFlYmEtN2RlMi00ZGNkLTgwNjUtMmEwZDgxMWI0OWEz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm=&google_hm=MWZjZWFlYmEtN2RlMi00ZGNkLTgwNjUtMmEwZDgxMWI0OWEz&google_tc= HTTP 302
https://sync.go.sonobi.com/usg.gif?google_error=3

Request Chain 102

https://dpm.demdex.net/ibs:dpid=87880&dpuuid=1fceaeba-7de2-4dcd-8065-2a0d811b49a3 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=1fceaeba-7de2-4dcd-8065-2a0d811b49a3

Request Chain 104

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Request Chain 105

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561897504.6&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D

Request Chain 106

https://ssc-cms.33across.com/ps/?_=1706561897504.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X HTTP 302
https://s.pubmine.com/match?bidder_id=24&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=212441020506510

Request Chain 107

https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=93&user_id=43a4982c-151d-422a-9f30-e68972fa9133&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=b545d74e-e7cc-4e07-b487-8f5952d3a59f HTTP 302
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=b545d74e-e7cc-4e07-b487-8f5952d3a59f&ts=1706561898&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 108

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561897504.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=a15765b8-116a-4a00-be10-f4e25a95d27a

Request Chain 109

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D

Request Chain 110

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561897504.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=390099430234994453

Request Chain 111

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Request Chain 112

https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=the33across&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=the33across&gdpr=0&user_id=xo8lA8GLcVrdiSFZk45qCcKLIg_d2HMCldxvWzbN HTTP 302
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=b545d74e-e7cc-4e07-b487-8f5952d3a59f HTTP 302
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=b545d74e-e7cc-4e07-b487-8f5952d3a59f&ts=1706561898&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 113

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561897504.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=a5f565b8-116a-4f00-a9cd-8e0bdba55718

Request Chain 114

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D

Request Chain 115

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561897504.6&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D

Request Chain 116

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561897504.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=390099430234994453

Request Chain 117

https://ssc-cms.33across.com/ps/?_=1706561897504.&ri=0010b00002CphGRAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 302
https://s.pubmine.com/match?bidder_id=6&external_user_id=212441020506510&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 125

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sh0XIb3GRbCZkPGeJW82Gg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=sh0XIb3GRbCZkPGeJW82Gg

Request Chain 126

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRZEW3ES-P-TH4

Request Chain 127

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjNjOTc4NmYwY2ZkOGRkOThmMjAxNTJhZDJhMGJlYjM3ZmYwOTU5OQ

Request Chain 128

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LRZEW3ES-P-TH4&ex=d-rubiconproject.com&status=ok

Request Chain 129

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=43a4982c-151d-422a-9f30-e68972fa9133&gdpr=0&gdpr_consent=&expires=30

Request Chain 130

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/ZXQhJBvEXSOrOi8AeZlu9Q?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cFcuGs5E2oI3nQke2gd_y316iPnnjwDM9.aXNQ--~A

Request Chain 131

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJaRVczRVMtUC1USDQ=

Request Chain 132

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2oITQoqRR2mgCl1kbRFYbg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2oITQoqRR2mgCl1kbRFYbg

Request Chain 134

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAPVh07LcCMAABRUfEOdMg&expires=30

Request Chain 135

https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRZEW3ES-P-TH4

Request Chain 136

https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
https://capi.connatix.com/us/pixel?puid=LRZEW3ES-P-TH4&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://capi.connatix.com/us/pixel?puid=LRZEW3ES-P-TH4&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

Request Chain 137

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=19446123-c6b0-4547-a915-82d7244ec1ab&expires=30

Request Chain 138

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRZEW3ES-P-TH4&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRZEW3ES-P-TH4&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS11MTRienpoRTJ1R0guX2dOQjAwUWYuX0dDSElvdm93R35B&ovsid=LRZEW3ES-P-TH4&dpid=58160

Request Chain 139

https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRZEW3ES-P-TH4 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRZEW3ES-P-TH4 HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRZEW3ES-P-TH4&ckls=true&ci=1U5BGGCG4J&nc=false&trid=1216361359

Request Chain 140

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRZEW3ES-P-TH4

Request Chain 144

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LRZEW3ES-P-TH4 HTTP 302
https://usersync.gumgum.com/usersync?b=mag&i=LRZEW3ES-P-TH4

Request Chain 145

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LRZEW3ES-P-TH4 HTTP 302
https://ssc-cms.33across.com/ps/?xi=1&xu=LRZEW3ES-P-TH4 HTTP 302
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRZEW3ES-P-TH4&ts=1706561899&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

154 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ref-lek-ti-one-rom-val.blog/
Redirect Chain

http://www.ref-lek-ti-one-rom-val.blog/
https://www.ref-lek-ti-one-rom-val.blog/
https://ref-lek-ti-one-rom-val.blog/

76 KB
22 KB

618ms
476ms

Document
text/html

192.0.78.24
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://ref-lek-ti-one-rom-val.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9f62772ae302196cd11367ab5a09595d70c0e5ef14e6d0ea038318b25ee85f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 20:58:15 GMT
host-header: WordPress.com
link: <https://wp.me/7RGGM>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding accept, content-type, cookie
x-ac: 2.syd _bur EXPIRED
x-hacker: Want root? Visit join.a8c.com/hacker and mention this header.

Redirect headers

alt-svc: h3=":443"; ma=86400
content-length: 162
content-type: text/html
date: Mon, 29 Jan 2024 20:58:14 GMT
location: https://ref-lek-ti-one-rom-val.blog/
server: nginx
strict-transport-security: max-age=31536000
x-ac: 2.syd _bur MISS

GET
H2 200 /
s0.wp.com/_static/ 5 KB
2 KB 217ms
71ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJyFjcsOQiEMRH9IrGjiY2H8ll5oCFoouS0h/r24ugsXbs+cmYHRXJBqVA0WluQa95SrwpA1YlQXGFVJIejGtOBq+0l28KcOiWVB/nFL38wcE5kC9ZnKK5NjHGBUGqPNY7U303fgUe7+cjj748nfrs8PkPxEqg==&cssminify=yes
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 02f9d88f20a2389ec219ac0d59cf9748d8f8f552a16d592494018a21a04efa70

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Mon, 29 Jan 2024 20:58:15 GMT
content-encoding: br
x-ac: 2.syd _bur BYPASS
last-modified: Wed, 24 Jan 2024 19:06:56 GMT
server: nginx
etag: W/"65b15fd0-15a8"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Jan 2025 19:07:23 GMT

GET
H2 200 style.css
s0.wp.com/wp-content/plugins/gutenberg-core/v17.5.2/build/block-library/ 110 KB
15 KB 216ms
71ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/plugins/gutenberg-core/v17.5.2/build/block-library/style.css?m=1706122120i&cssminify=yes
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 9a900c75ff4b94ebc8ba82768df4345bb01390ef53ed59b933cae77d6cbd351f

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-minify-cache: hit
date: Mon, 29 Jan 2024 20:58:15 GMT
content-encoding: br
x-ac: 2.syd _bur BYPASS
x-minify: t
alt-svc: h3=":443"; ma=86400
x-nc: HIT syd 1
server: nginx
etag: W/113055-1706122140251.149
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 23 Jan 2025 22:34:32 GMT

GET
H2 200 /
s0.wp.com/_static/ 159 KB
17 KB 216ms
70ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJyVjV0OwiAQBi8kEKrR+mA8C4UN2br8hAVNby8mprEvGh8n+82semSB0VJzwGpmFcChAYIAsW4gk1mgCAJv7CIDRmmZd+qb3m+fvJFsivW1ydQ8Rla+dZygeDFRsrceg5qNvYn+NrUqfEGnuC4E/yeKqRg9/9BtemuD1KPUgjFkAlHgLg/KIdd1IdbQNVz0cdTjfhjOp/kJMmh7kg==&cssminify=yes
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 71df132c94f689f31822d47f4c4651b3639b7eb548a20bac80d9f30f686312a3

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Mon, 29 Jan 2024 20:58:15 GMT
content-encoding: br
x-ac: 2.syd _bur BYPASS
last-modified: Fri, 19 May 2023 01:53:10 GMT
server: nginx
etag: W/"6466d686-27db3"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Tue, 22 Oct 2024 20:49:48 GMT

GET
H2 200 /
s0.wp.com/_static/ 369 B
677 B 214ms
69ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??/wp-content/mu-plugins/core-compat/wp-mediaelement.css,/wp-content/mu-plugins/wpcom-bbpress-premium-themes.css?m=1432920480j&cssminify=yes
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 9c83b89ab9d2677980617afacb833a74da3050a2d3d711176b500d7922e49ab5

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Mon, 29 Jan 2024 20:58:15 GMT
x-ac: 2.syd _bur BYPASS
last-modified: Fri, 19 May 2023 01:54:16 GMT
server: nginx
etag: "6466d6c8-171"
access-control-allow-methods: GET, HEAD
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 369
expires: Sat, 09 Nov 2024 15:24:25 GMT

GET
H2 200 /
s0.wp.com/_static/ 47 KB
10 KB 214ms
69ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??/wp-content/themes/pub/affinity/style.css,/wp-content/themes/pub/affinity/blocks.css?m=1566337076j&cssminify=yes
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 6550610a8b8c68c259d1b261e9d8eec342fbb65a1f8c74ba40a995aea363e4a5

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Mon, 29 Jan 2024 20:58:15 GMT
content-encoding: br
x-ac: 2.syd _bur BYPASS
last-modified: Fri, 19 May 2023 01:57:38 GMT
server: nginx
etag: W/"6466d792-bbd7"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Oct 2024 22:17:34 GMT

GET
H2 200 css
fonts-api.wp.com/ 13 KB
1 KB 424ms
279ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts-api.wp.com/css?family=Raleway%3A400%2C400italic%2C700%2C700italic%7CLora%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b958d10b8b3d47942c376576786aefa35104a54cb3470766386b5763eb63b1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: BYPASS syd 2
date: Mon, 29 Jan 2024 20:58:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0

GET
H2 200 /
s0.wp.com/_static/ 32 KB
17 KB 214ms
70ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJx9jsEKwjAQRH/IuFRa0YP4KZKGbdya7IZmQ+nfm4KHgOJtHswbBtZknLAiK8RiUiieOMOMmqx7fRiiCMOD2IFHxoWqkX/Ho8v5AM2oPjFihlRGsNNETLrBPpR1C2jW5CR+Oc0Rj2KCOKtUH7RgpmBp+acuOAbxNXqorQZ36R5v3fkydKdr3/fzG1ivYgo=&cssminify=yes
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 35dfb3e21acbb626befad4937c1162b219c250ed0f863fa65d9fb2c9f9c1dabe

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Mon, 29 Jan 2024 20:58:15 GMT
content-encoding: br
x-ac: 2.syd _bur BYPASS
last-modified: Fri, 26 May 2023 19:31:02 GMT
server: nginx
etag: W/"647108f6-7e55"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Wed, 29 May 2024 18:39:38 GMT

GET
H2 200 global.css
s0.wp.com/wp-content/themes/h4/ 311 B
605 B 214ms
70ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/themes/h4/global.css?m=1420737423i&cssminify=yes
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 947d703f577549cbb0b1a4143f3b363ec9c7cf309587d5b12b87f0e64ff99db4

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-minify-cache: hit
x-nc: HIT syd 1
date: Mon, 29 Jan 2024 20:58:15 GMT
x-ac: 2.syd _bur BYPASS
server: nginx
x-minify: t
etag: W/471-1684461226194.0437
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 311
expires: Thu, 30 May 2024 20:22:45 GMT

GET
H2 200 / Show response
s0.wp.com/_static/ 128 KB
43 KB 215ms
71ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJyFjs1OAzEMhF8IN1skVHFAPArKjxt5m9jBcbb07bsV3Qq4cBp55rPH7twgChuyubm7KoEKwuioPq8eEB9lN/cn95vTYtBUvi5bRhzLSNhv4fw5UC932VXifyGolNUb/oS3tjqglZGJ1x205uPpPq/PCm/ex4KcRJ0fJtWbUXzQCyWUpti7C4NKcoWCMzkhQ1BKGf82hiL50XkWTT51iMX3/v16rM0tzzcBFoacmq4n3uvb/jBN02H/8jrNV6qmgC4=
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 1284252c0fbd4c05cf335d0e9694befe652a1fee9b55433c14a7014ab9754950

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Mon, 29 Jan 2024 20:58:15 GMT
content-encoding: br
x-ac: 2.syd _bur BYPASS
last-modified: Wed, 15 Nov 2023 18:06:44 GMT
server: nginx
etag: W/"655508b4-2018d"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 Jan 2025 08:32:30 GMT

GET
BLOB 200
OK f138348b-b54e-4bef-bb3a-11dadbce607c
https://ref-lek-ti-one-rom-val.blog/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ref-lek-ti-one-rom-val.blog/f138348b-b54e-4bef-bb3a-11dadbce607c
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 wpcom-gray-white.png
s0.wp.com/i/logo/ 8 KB
8 KB 209ms
69ms Image
image/png 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s0.wp.com/i/logo/wpcom-gray-white.png
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: c0e93b5ebf107af77d9e7d101d186b3b93e9d5ad4fbb6a74e2dea60173cc04f8

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:58:15 GMT
x-ac: 2.syd _bur MISS
last-modified: Fri, 19 May 2023 02:57:50 GMT
server: nginx
etag: "6466e5ae-200b"
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 8203
expires: Sat, 09 Nov 2024 15:08:24 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/3905/ 107 KB
37 KB 234ms
75ms Script
application/javascript 104.99.59.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/3905/smart.js
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.99.59.34 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-99-59-34.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 28725bb710c49bdbc2c33ae596fbd6d897715d2a8283c768f7ea29819406d9f9

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 37097
Expires: Mon, 29 Jan 2024 22:58:15 GMT

GET
H2 200 / Show response
s0.wp.com/_static/ 68 KB
20 KB 131ms
130ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJyVjsFOAzEMRH+I1C1CRRwQ3+ImTvBu4kRrh6V/T9oKtao40OvMvJmBtTlfxUgMDrkm13JPLAprXQIGdT6jKilMV0kLLraZ9Alu4NKvKIdEpkB9uHVmchlXMCoto9Gdft9jn1RGpvUDYIwsbEc4PbDzhbiMWMNEvxiLzz1c/nEZhuaKgcKmsPyVKahVluOt/c/lLt64ij6GCX5xwhP4GKczN5dZZher7+oif4+Cj/K+e93udy/Pb/vt9AMBPqYd
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: c1e19fc3e6904501de37c171da1f3747ed0dfccf0e02277e9f50e1153e4a6277

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Mon, 29 Jan 2024 20:58:15 GMT
content-encoding: br
x-ac: 2.syd _bur BYPASS
last-modified: Thu, 25 Jan 2024 00:36:08 GMT
server: nginx
etag: W/"65b1acf8-110fc"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Sat, 25 Jan 2025 04:01:36 GMT

GET
H2 200 w.js Show response
stats.wp.com/ 12 KB
5 KB 212ms
68ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/w.js?67
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 79674b01741c3978417b6b9b4b98d125755e7bb468979d5cd593eac4b94cdb91

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-minify-cache: miss
x-nc: HIT syd
date: Mon, 29 Jan 2024 20:58:15 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/12827-1705538370071.9917
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Fri, 17 Jan 2025 00:39:37 GMT

GET
H/1.1 200
OK conf Show response
s.pubmine.com/ 8 KB
3 KB 672ms
171ms Script
text/javascript 54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/conf?gdpr=0&pp.pt=0&pp.ht=0&pp.tn=affinity&pp.uloggedin=0&pp.amp=false&pp.consent=0&pp.gdpr_applies=false&pp.ad.label.text=Annonser&pp.ad.reportAd.text=Rapportera%20denna%20annons&pp.siteid=8982&pp.blogid=116229836&rid=1971926685019&ref=https%3A%2F%2Fref-lek-ti-one-rom-val.blog%2F&vp=1600x1200&cb=callback__lrzew23x_1
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b2d0e2ede6aaacb8d95f4c09d086faa1360e9f521f1c60da9ac0fadea0171e2b

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 554ms
152ms Script
text/javascript 2404:6800:4006:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 19:33:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5108
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Mon, 29 Jan 2024 21:33:08 GMT

GET
H3 200 autumn.jpg
s0.wp.com/wp-content/themes/pub/affinity/assets/img/ 507 KB
507 KB 188ms
70ms Image
image/jpeg 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s0.wp.com/wp-content/themes/pub/affinity/assets/img/autumn.jpg
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 482557e9a36abd333794bc970936371d1e516a179f73fb5765f67af03c854e98

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:58:15 GMT
x-ac: 2.syd _bur MISS
last-modified: Mon, 06 Dec 2021 06:44:47 GMT
server: nginx
etag: "61adb15f-7eb07"
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 518919
expires: Sun, 14 Apr 2024 13:50:56 GMT

GET
H2 200 0QIvMX1D_JOuMwr7I_FMl_E.woff2
fonts.wp.com/s/lora/v32/ 35 KB
35 KB 72ms
69ms Font
font/woff2 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.wp.com/s/lora/v32/0QIvMX1D_JOuMwr7I_FMl_E.woff2

Requested by

Host: fonts-api.wp.com
URL: https://fonts-api.wp.com/css?family=Raleway%3A400%2C400italic%2C700%2C700italic%7CLora%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

963ef2b3b0a8b5db60d69df5814239c385bc4e8e8781c6c24bc7390457e1e6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts-api.wp.com/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Mon, 29 Jan 2024 20:58:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Feb 2023 21:46:02 GMT
server: nginx
age: 76167
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 36036
x-xss-protection: 0

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.wp.com/s/raleway/v29/ 42 KB
43 KB 73ms
70ms Font
font/woff2 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.wp.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: fonts-api.wp.com
URL: https://fonts-api.wp.com/css?family=Raleway%3A400%2C400italic%2C700%2C700italic%7CLora%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

de87ef766937eaf5107ea3e9a2a378f39aa123abfc451de76e011f887be28b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts-api.wp.com/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Mon, 29 Jan 2024 20:58:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2023 00:53:11 GMT
server: nginx
age: 14026
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 43448
x-xss-protection: 0

GET
H2 200 0QIhMX1D_JOuMw_LIftLtfOm8w.woff2
fonts.wp.com/s/lora/v32/ 38 KB
39 KB 72ms
69ms Font
font/woff2 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.wp.com/s/lora/v32/0QIhMX1D_JOuMw_LIftLtfOm8w.woff2

Requested by

Host: fonts-api.wp.com
URL: https://fonts-api.wp.com/css?family=Raleway%3A400%2C400italic%2C700%2C700italic%7CLora%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9da68a2041121bd70ba1224bd2240dea9ef6ca2e8a07d500c4d74d731c127f13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts-api.wp.com/
Origin: https://ref-lek-ti-one-rom-val.blog
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 1
date: Mon, 29 Jan 2024 20:58:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Feb 2023 21:46:04 GMT
server: nginx
age: 73032
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 39380
x-xss-protection: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
178 B 210ms
68ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_mobile_platforms=iphone&x_mobile_devices=iphone&baba=0.42534988456065714
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 20:58:15 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 69ms
68ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.8423508648238216
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 20:58:15 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 69ms
69ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?blog=116229836&v=wpcom&tz=1&user_id=0&subd=reflektioneromval&host=ref-lek-ti-one-rom-val.blog&ref=&rand=0.1522266407263979
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 20:58:15 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 70ms
69ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?crypt=UE5XaGUuOTlwaD85flAmcm1mcmZsaDhkV11YdWtpP0NsWnVkPS9sL0ViLndld3BmVVV5STAyWFEzVzJXZDcyU1V3aUFpRnkzJnhubFtPZUJ8TmJnOE9kWm9DWVQuY1FiaWkuUkVpMGNOSzh2OGVOLFYxZnV4RkFOUj1IZjVfaD9uenlXamMmOHRsVFp6Z1NRbTl4L2hVW0lSekIzQ25LYnZUNzFpS1tEejksfEZXSW90cS10bkpiUTYzMC1yZzE9W0ZJX3B8XV1fU2tJW3FQRUdKMjNXYnJ%2BMWksT0VQbmtESFMvLy0yJi9baXYzZnBldyw0RH5kcyZFJmMyUitLRVBLJXlwZ2ZmYjNxL1ozLGNdLkorb19TeVg1YnRSVjJLNDVn&v=wpcom-no-pv&rand=0.2327396621853266
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 20:58:15 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
s0.wp.com/wp-includes/js/ 18 KB
5 KB 70ms
70ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1677072837i&ver=6.5-alpha-57321
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:58:15 GMT
content-encoding: br
x-ac: 2.syd _bur MISS
last-modified: Fri, 19 May 2023 02:58:04 GMT
server: nginx
etag: W/"6466e5bc-4904"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Jan 2025 14:56:32 GMT

GET
H2 200 / Show response
public-api.wordpress.com/geo/ 136 B
367 B 363ms
218ms XHR
application/json 192.0.78.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://public-api.wordpress.com/geo/

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9b09fce25bd8c396410d60a125123e72e75042ce6a2637c23d647a26d47d10c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-hacker: Want root? Visit join.a8c.com/hacker and mention this header.
date: Mon, 29 Jan 2024 20:58:16 GMT
content-encoding: br
x-ac: 1.syd _bur BYPASS
strict-transport-security: max-age=31536000
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400

POST
H2 200 102.json Show response
id5-sync.com/g/v2/ 630 B
1 KB 971ms
323ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3905/smart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

fcc9567961da5127e60cd297fc75a6ec891577c58d3e27dd50d1d886b83a5d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ref-lek-ti-one-rom-val.blog
date: Mon, 29 Jan 2024 20:58:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/164116/11712/ 438 KB
141 KB 217ms
69ms Script
application/javascript 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/164116/11712/pwt.js
Requested by: Host: s0.wp.com
URL: https://s0.wp.com/_static/??-eJyVjsFOAzEMRH+I1C1CRRwQ3+ImTvBu4kRrh6V/T9oKtao40OvMvJmBtTlfxUgMDrkm13JPLAprXQIGdT6jKilMV0kLLraZ9Alu4NKvKIdEpkB9uHVmchlXMCoto9Gdft9jn1RGpvUDYIwsbEc4PbDzhbiMWMNEvxiLzz1c/nEZhuaKgcKmsPyVKahVluOt/c/lLt64ij6GCX5xwhP4GKczN5dZZher7+oif4+Cj/K+e93udy/Pb/vt9AMBPqYd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8664f6b61a5bdf0f339c1ef04532e924a52f6b77003c6fb47da16ab4a779d008

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:16 GMT
content-encoding: gzip
last-modified: Tue, 23 Jan 2024 18:00:56 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=110393
accept-ranges: bytes
content-length: 144238
expires: Wed, 31 Jan 2024 03:38:09 GMT

GET
H2 200 remote-login.php Show response
r-login.wordpress.com/ Frame BB96 229 B
454 B 398ms
253ms Document
text/html 192.0.78.19
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://r-login.wordpress.com/remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9yZWYtbGVrLXRpLW9uZS1yb20tdmFsLmJsb2c%3D&wpcomid=116229836&time=1706561894

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1b3ca133575b7b4eaba1afdd8eacb98be8605603d323360ae79b094d90710277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 20:58:16 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 1.syd _dfw MISS

POST
H2 200 __utm.gif Show response
ssl.google-analytics.com/j/ 1 B
215 B 250ms
249ms XHR
text/plain 2404:6800:4006:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/j/__utm.gif?utmwv=5.7.2&utms=1&utmn=34917146&utmhn=ref-lek-ti-one-rom-val.blog&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=P%C3%A5%20nya%20%C3%A4ventyr%20%E2%80%93%20En%20resa%20genom%20fr%C3%A4mmande%20land&utmhid=32367435&utmr=-&utmp=%2F&utmht=1706561896211&utmac=UA-52447-2&utmcc=__utma%3D1.1249882200.1706561896.1706561896.1706561896.1%3B%2B__utmz%3D1.1706561896.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=1310177554&utmredir=1&utmu=uhQAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: ssl.google-analytics.com
URL: https://ssl.google-analytics.com/ga.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ref-lek-ti-one-rom-val.blog
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 floors.json Show response
ads.pubmatic.com/AdServer/js/pwt/floors/164116/11712/ 186 B
566 B 209ms
69ms Fetch
application/json 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/floors/164116/11712/floors.json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/164116/11712/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 28f17848c3b64ee19d529aa7caeedd1e2a389837e1310fb74e6175a7ce5cb185

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
content-type: text/plain

Response headers

date: Mon, 29 Jan 2024 20:58:16 GMT
content-encoding: gzip
last-modified: Fri, 15 Dec 2023 16:05:33 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: application/json
cache-control: public, max-age=12079
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 159
expires: Tue, 30 Jan 2024 00:19:35 GMT

GET
H2 200 geo Show response
ut.pubmatic.com/ 12 B
93 B 470ms
153ms Fetch
application/json 67.199.150.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ut.pubmatic.com/geo?pubid=164116
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/164116/11712/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.80 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 667bf42b6718c05fa0121720bc1d20d73e2a0e33a7d4df9c9255e0bc95beda86

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 20:54:55 GMT
cache-control: max-age=172800
content-length: 12
content-type: application/json

GET
H2 200 ata.js Show response
c0.pubmine.com/2.39.01695837358837/ 216 KB
58 KB 213ms
68ms Script
text/javascript 192.0.77.38
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.pubmine.com/2.39.01695837358837/ata.js

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.38 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c6f921178c04e85a2499b306b750c3404727a71e251c88d8d4b905aba13545ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT syd 2
date: Mon, 29 Jan 2024 20:58:16 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
last-modified: Wed, 27 Sep 2023 18:00:45 GMT
server: nginx
x-amz-cf-pop: LAX53-P1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame FF2D
Redirect Chain

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D13%26external_user_id%3D%5BUID%5D%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%...
https://s.pubmine.com/match?bidder_id=13&external_user_id=c8d2749f-d403-474e-b836-a7f694dc9fb7&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=

43 B
785 B

303ms
169ms

Document
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=13&external_user_id=c8d2749f-d403-474e-b836-a7f694dc9fb7&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:58:17 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-cache, no-store, private
Content-Length: 0
Content-Type: text/plain; charset=utf8
Date: Mon, 29 Jan 2024 20:58:17 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://s.pubmine.com/match?bidder_id=13&external_user_id=c8d2749f-d403-474e-b836-a7f694dc9fb7&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Server: sonobi-go
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-96
X-Xss-Protection: 0

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame E092 1 KB
1 KB 776ms
186ms Document
text/html 72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?

Requested by

Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

0c1825f2e791ed1abf30a4cb7773f980fb6bbb256b40eec26dce50ff77ed005c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, private
Content-Encoding: gzip
Content-Length: 613
Content-Type: text/html
Date: Mon, 29 Jan 2024 20:58:17 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Server: sonobi-go
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-73
X-Xss-Protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DA3E 16 KB
6 KB 99ms
69ms Document
text/html 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25004
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 29 Jan 2024 20:58:16 GMT
expires: Tue, 30 Jan 2024 03:55:00 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame F032
Redirect Chain

https://ups.analytics.yahoo.com/ups/58666/occ?uid=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58666/occ?uid=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0&gdpr_consent=&verify=true
https://s.pubmine.com/match?bidder_id=27&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&external_user_id=y-zhLHBrNE2uGSg5vYTwP5wqucO8v1PO3aavi9tGI-~A&gdpr=0

43 B
677 B

221ms
169ms

Document
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=27&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&external_user_id=y-zhLHBrNE2uGSg5vYTwP5wqucO8v1PO3aavi9tGI-~A&gdpr=0
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:58:17 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

age: 0
content-length: 0
date: Mon, 29 Jan 2024 20:58:17 GMT
location: https://s.pubmine.com/match?bidder_id=27&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&external_user_id=y-zhLHBrNE2uGSg5vYTwP5wqucO8v1PO3aavi9tGI-~A&gdpr=0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.94
strict-transport-security: max-age=31536000

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame A00A
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&US_privacy=&redirectUri=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D23%26ssp_data%3De9656c5a-7d53-4058-9c9e-2...
https://s.pubmine.com/match?bidder_id=23&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=6734133632593332779

43 B
942 B

192ms
169ms

Document
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=23&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=6734133632593332779
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:58:17 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

content-length: 0
date: Mon, 29 Jan 2024 20:58:16 GMT
location: https://s.pubmine.com/match?bidder_id=23&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=6734133632593332779

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 70B1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=197465&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%...
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_conse...

295 B
499 B

174ms
173ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D&gdpr=0&gdpr_consent=&s=197465&us_privacy=&C=1
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0438890c8404143b19a3c0d2f7c9df390a24ac84ab3d4a63f4a65363afe6202

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 84d464703cd11c4e-AKL
content-encoding: br
content-type: text/html
date: Mon, 29 Jan 2024 20:58:17 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pd8rLWrIUjFMOtHCJvHi0q1r8bhwhwbyWqAxjcWkzgyDAfJMQJPaSBgouF0YGNHNaWWxH%2FaX8hm3qwofsqfTnunVj3JCBIlsSVeAI1halJdpMXNUTp7jPPi1XNz5rz9jNUZXc5sAwtXcuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 84d4646f2ad11c4e-AKL
content-length: 0
date: Mon, 29 Jan 2024 20:58:16 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D&gdpr=0&gdpr_consent=&s=197465&us_privacy=&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJyaCbhTkGuMX0Q9e%2B8t9SKex2l7T8E35exEs271ydklm%2Bav6TX187eF%2BhYWgOuFxfpQ3%2F%2FIrxwMM3LoEGNwpQh7Ph3%2BG00tp%2BFCgUVOLylU4F9ezmd4tVdP4raDmmxcNA8UerYNE9rZjg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

/ Show response
de.tynt.com/deb/ Frame DB5C
Redirect Chain

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d5...
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9...

2 KB
3 KB

225ms
222ms

Document
text/html

67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 14786da2802101a31abad86bcc381b730162ca140c5b7eb0fcf00f7956382718

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 2241
content-type: text/html
date: Mon, 29 Jan 2024 20:58:17 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Mon, 29 Jan 2024 20:58:16 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP019
x-33x-status: 8340000C

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame 96BD 17 KB
7 KB 271ms
62ms Document
text/html 2606:2800:10c:84af:88cd:a4c9:e204:b71d
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%5BUSER_ID%5D
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:10c:84af:88cd:a4c9:e204:b71d , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nwa/E799) /
Resource Hash: 2bd27fb4cdd30b9b0c730e44a8ec482a49dbf95eaa5c3f399c816dfef9990beb

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age: 369
cache-control: max-age=900
content-encoding: gzip
content-length: 6048
content-md5: jpm9v92eYnJZrYEV0creyA==
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 20:58:16 GMT
etag: 84d4a6e5-3860-4103-9387-92737002d50d
expires: Mon, 29 Jan 2024 21:13:16 GMT
last-modified: Wed, 16 Aug 2023 20:56:04 GMT
opc-request-id: iad-1:p-VIDAprGxbAskHkIWH06usDOoq0yvzIEpACDbbP0789mwsb8KTUl6XICz98ABNM
server: ECAcc (nwa/E799)
storage-tier: Standard
vary: Accept-Encoding
version-id: ff6bccb1-2ffd-4aa2-bd14-9776592cc90b
x-api-id: native
x-cache: HIT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame EF53 16 KB
6 KB 93ms
72ms Document
text/html 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D26%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25004
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 29 Jan 2024 20:58:16 GMT
expires: Tue, 30 Jan 2024 03:55:00 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

/ Show response
de.tynt.com/deb/ Frame 297D
Redirect Chain

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privac...
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_priva...

2 KB
3 KB

226ms
221ms

Document
text/html

67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 8014475579114c0ee1badd45256bd1063920124d618afe6a6bfee3854d268903

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 2242
content-type: text/html
date: Mon, 29 Jan 2024 20:58:16 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

Redirect headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
content-length: 171
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 20:58:17 GMT
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
location: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server: nginx/1.16.1

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame BE1A
Redirect Chain

https://visitor.omnitagjs.com/visitor/bsync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D22%26ssp_da...
https://s.pubmine.com/match?bidder_id=22&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=f92916907b1d12017859e3b85781bf35

43 B
619 B

280ms
168ms

Document
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=22&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=f92916907b1d12017859e3b85781bf35
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:58:17 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 20:58:17 GMT
expires: 0
location: https://s.pubmine.com/match?bidder_id=22&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=f92916907b1d12017859e3b85781bf35
p3p: CP="CAO PSA OUR"
pragma: no-cache
vary: Accept-Encoding
via: kong/2.8.3
x-content-type-options: nosniff
x-kong-proxy-latency: 0
x-kong-upstream-latency: 8

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame 07C3
Redirect Chain

https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D20%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy...
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=&callback=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D20%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_priva...
https://s.pubmine.com/match?bidder_id=20&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ID5-6e33yLx9amxYuXRSNSzVW39eEY__DBOY1uwdEsaxCA

43 B
1016 B

203ms
169ms

Document
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=20&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ID5-6e33yLx9amxYuXRSNSzVW39eEY__DBOY1uwdEsaxCA
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:58:17 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

date: Mon, 29 Jan 2024 20:58:16 GMT
location: https://s.pubmine.com/match?bidder_id=20&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ID5-6e33yLx9amxYuXRSNSzVW39eEY__DBOY1uwdEsaxCA
p3p: CP="CAO PSA OUR"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame B12B
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D18%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privac...
https://s.pubmine.com/match?bidder_id=18&external_user_id=&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=

43 B
286 B

336ms
168ms

Document
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=18&external_user_id=&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:58:17 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Mon, 29 Jan 2024 20:58:17 GMT
Location: https://s.pubmine.com/match?bidder_id=18&external_user_id=&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=
Server: nginx

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame 7116
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D29%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent...
https://s.pubmine.com/match?bidder_id=29&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=921f890dca

43 B
573 B

169ms
169ms

Document
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=29&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=921f890dca
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:58:17 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

cache-control: no-cache, must-revalidate
content-length: 0
date: Mon, 29 Jan 2024 20:58:17 GMT
location: https://s.pubmine.com/match?bidder_id=29&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=921f890dca
server: CloudFront
via: 1.1 359a113ca166631b42f31a0f2e6a1aaa.cloudfront.net (CloudFront)
x-amz-cf-id: 9G4XU7HLIuhXms1bGTv2FtT31Ngq7NDyttltbfffbb29JCW5953OqA==
x-amz-cf-pop: SYD1-C1
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

match Show response
s.pubmine.com/ Frame A304
Redirect Chain

https://ups.analytics.yahoo.com/ups/58366/occ?uid=e9656c5a-7d53-4058-9c9e-294d65744516
https://ups.analytics.yahoo.com/ups/58366/occ?uid=e9656c5a-7d53-4058-9c9e-294d65744516&verify=true
https://s.pubmine.com/match?bidder_id=15&external_user_id=y-t5imU1VE2uGuIPIQPNKiBogxvYOlSXYleD8lojM-~A&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516

43 B
735 B

279ms
170ms

Document
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=15&external_user_id=y-t5imU1VE2uGuIPIQPNKiBogxvYOlSXYleD8lojM-~A&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:58:17 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

age: 0
content-length: 0
date: Mon, 29 Jan 2024 20:58:17 GMT
location: https://s.pubmine.com/match?bidder_id=15&external_user_id=y-t5imU1VE2uGuIPIQPNKiBogxvYOlSXYleD8lojM-~A&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.94
strict-transport-security: max-age=31536000

GET
H2 200 prbds2s Show response
rtb.gumgum.com/usync/ Frame 2F11 3 KB
1 KB 710ms
232ms Document
text/html 57.180.149.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 57.180.149.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-57-180-149-130.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: abee457af55d5e958ad774ec565fb94143487f860500437439a2d208e35058f8

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 29 Jan 2024 20:58:17 GMT
etag: W/"0ff1881b775af5b55f3da02a17e4d414f"
server: nginx
timing-allow-origin: *

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 7357 995 B
1 KB 120ms
35ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 17535310
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 506
Content-Type: text/html
Date: Mon, 29 Jan 2024 20:58:16 GMT
ETag: W/"573e714d-3e3"
Expires: Tue, 09 Jul 2024 22:03:08 GMT
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 5765, 2245
X-Served-By: cache-lga21923-LGA, cache-akl10328-AKL
X-Timer: S1706561897.820397,VS0,VE0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 917A 16 KB
6 KB 79ms
70ms Document
text/html 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156204&gdpr=0&gdpr_consent=
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25004
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 29 Jan 2024 20:58:16 GMT
expires: Tue, 30 Jan 2024 03:55:00 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame DB3A 281 B
554 B 208ms
66ms Document
text/html 23.204.65.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-234.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 20:58:16 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 90E0 36 KB
12 KB 249ms
107ms Document
text/html 23.204.64.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13

Requested by

Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-64-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

906f18075913738d5463a9d00bade872fd6aa0e7a6994a79b4447b0b14626ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=172800
content-encoding: gzip
content-length: 11880
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 20:58:16 GMT
expires: Wed, 31 Jan 2024 20:58:16 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2

200

pd Show response
u.openx.net/w/1.0/ Frame 841F
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

199 B
235 B

166ms
165ms

Document
text/html

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Mon, 29 Jan 2024 20:58:17 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 29 Jan 2024 20:58:16 GMT
location: https://u.openx.net/w/1.0/pd?cc=1
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 iframe Show response
sync.teads.tv/ Frame ADB4 153 B
305 B 443ms
216ms Document
text/html 23.204.65.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.54 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-54.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 153
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 20:58:17 GMT
expires: Mon, 29 Jan 2024 20:58:17 GMT
pragma: no-cache
server: pekko-http/1.0.0

GET
H/1.1 200
OK sync Show response
x.bidswitch.net/ Frame C39F 43 B
748 B 680ms
212ms Document
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:58:17 GMT
Server: nginx

GET
DATA 200
OK truncated
/ 135 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a914ebd8267f0641e0ebd8333aa52a13ec9635160335147b7d90aed18c6db017

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK pixel
s.pubmine.com/ 43 B
286 B 173ms
169ms Image
image/gif 54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/pixel?id=15&type=img
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18894&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0&gdpr_consent=&us_privacy=
https://s.pubmine.com/match?bidder_id=14&external_user_id=LRZEW3ES-P-TH4&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0

43 B
881 B

480ms
169ms

Image
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=14&external_user_id=LRZEW3ES-P-TH4&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.pubmine.com/match?bidder_id=14&external_user_id=LRZEW3ES-P-TH4&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: da1c8a4a3f9301c03fbeb7a6212a0a54
Expires: 0

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D12%26external_user_id%3D%24UID%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26ri...
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D12%26external_user_id%3D%24UID%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516...
https://s.pubmine.com/match?bidder_id=12&external_user_id=1952969358335973430116&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=

43 B
821 B

459ms
170ms

Image
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=12&external_user_id=1952969358335973430116&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

location: https://s.pubmine.com/match?bidder_id=12&external_user_id=1952969358335973430116&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=
date: Mon, 29 Jan 2024 20:58:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D10%26external_user_id%3D%24UID%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.pubmine.com%252Fmatch%253Fbidder_id%253D10%2526external_user_id%253D%2524UID%2526ssp_data%253De9656c5a-7d53-4058-9c9e-294d65744516%2526...
https://s.pubmine.com/match?bidder_id=10&external_user_id=390099430234994453&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=

43 B
853 B

491ms
169ms

Image
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=10&external_user_id=390099430234994453&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:17 GMT
an-x-request-uuid: 32a678de-286f-4549-893c-3d5f6b15ab93
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.pubmine.com/match?bidder_id=10&external_user_id=390099430234994453&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=
x-proxy-origin: 103.75.11.107; 103.75.11.107; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=wordpress&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&user_id=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0&gdpr_consent=
https://s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0&gdpr_consent=

43 B
286 B

496ms
168ms

Image
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0&gdpr_consent=
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Location: //s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&gdpr=0&gdpr_consent=
Date: Mon, 29 Jan 2024 20:58:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D1%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%2...
https://s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&gdpr=0&gdpr_consent=&us_privacy=

43 B
286 B

555ms
169ms

Image
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Location: https://s.pubmine.com/match?bidder_id=1&external_user_id=&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&gdpr=0&gdpr_consent=&us_privacy=
Date: Mon, 29 Jan 2024 20:58:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://ssc-cms.33across.com/ps/?ri=0010b00002CphGRAAZ&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26r...
https://s.pubmine.com/match?bidder_id=6&external_user_id=212441020506510&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=

43 B
909 B

464ms
169ms

Image
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=6&external_user_id=212441020506510&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:16 GMT
referrer-policy: unsafe-url
server: 33XP003
x-33x-status: 100000000008200000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://s.pubmine.com/match?bidder_id=6&external_user_id=212441020506510&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
BLOB 200
OK 679ae680-83fe-4cd6-89ca-f155380d2432
https://ref-lek-ti-one-rom-val.blog/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ref-lek-ti-one-rom-val.blog/679ae680-83fe-4cd6-89ca-f155380d2432
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b32ac08ac704f56f164eca7ed8dbc4ff2c50dff8f9e3527d2c52c93081672b02

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Length: 1572
Content-Type: text/javascript

GET
H2

200

match
c1.adform.net/serving/cookie/
Redirect Chain

https://id5-sync.com/i/102/8.gif?id5id=ID5*07Qxuu-8NOdV7aI6gMm92TErmKjv-h27cs_0Mb_oLxeALTi9lvn4lAp_7B9wCstCgC7xo9txmfoDxNgB2x_Gdg&o=api&gdpr_consent=undefined&gdpr=0
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-6e33yLx9amxYuXRSNSzVW39eEY__DBOY1uwdEsaxCA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_...
https://id5-sync.com/c/102/102/7/2.gif?puid=107412159050058478&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=43a4982c-151d-422a-9f30-e68972fa9133&ttl=%%TTL%%
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F5%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F5%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/102/112/5/4.gif?puid=EDEB08B18D447FC&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F4%2F5.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F4%2F5.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/102/123/4/5.gif?puid=18d57040cbb-f780000010d421f&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F3%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F3%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0

35 B
499 B

190ms
190ms

Image
image/gif

185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F3%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F3%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 UCookieSetPug Show response
image6.pubmatic.com/AdServer/ Frame 917A 60 B
268 B 469ms
153ms Script
text/html 67.199.150.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156204&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.81 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1ceab22834da9ea5e3f3e183a99c430260ae3033e995a25965761707e61eab6e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 20:58:17 GMT
cache-control: private
expires: Sun, 28 Apr 2024 13:51:45 GMT
content-length: 60
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

bounce Show response
secure.adnxs.com/ Frame 7357
Redirect Chain

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

0
647 B

154ms
154ms

Script
text/html

103.43.90.179
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Server

103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:17 GMT
an-x-request-uuid: c847f960-c613-4119-b867-b7128253c39f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 103.75.11.107; 103.75.11.107; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:17 GMT
an-x-request-uuid: 6194f03e-acb7-4d5e-bcf4-7dbaabed731c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
cache-control: no-store, no-cache, private
x-proxy-origin: 103.75.11.107; 103.75.11.107; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jslog
s.pubmine.com/ 43 B
286 B 169ms
169ms Image
image/gif 54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/jslog?n=cmp%20ping%20returned%20error%20with%20data%3A%20%7B%22gdprApplies%22%3Afalse%2C%22cmpLoaded%22%3Afalse%2C%22cmpStatus%22%3A%22stub%22%2C%22displayStatus%22%3A%22disabled%22%2C%22apiVersion%22%3A%222%22%7D&pvid=7370aac0-60f4-495d-a6c6-12cd4d6b1102&s=err&v=2.39.01695837358837
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

POST
H/1.1 200
OK adjr Show response
s.pubmine.com/ 123 B
786 B 340ms
171ms XHR
application/json 54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/adjr?pvid=7370aac0-60f4-495d-a6c6-12cd4d6b1102&rid=1971926685019
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2cd08f698b77fef50d76846cb3f4f32cd6a47f98ba07b717a8d44a08ce6cf11b

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:17 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ref-lek-ti-one-rom-val.blog
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DB3A 39 KB
11 KB 66ms
66ms Script
text/html 23.204.65.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-234.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b88bc818f09d63feaa1a980f7a5c59ef6afab11e7e426623b620fc50f1edf231

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jan 2024 05:22:09 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=30226
Connection: keep-alive
Content-Length: 10901
Expires: Tue, 30 Jan 2024 05:22:02 GMT

GET
H/1.1

200
OK

match
s.pubmine.com/ Frame 96BD
Redirect Chain

https://sync.technoratimedia.com/services?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consen...
https://s.pubmine.com/match?bidder_id=30&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=GDPR

43 B
1012 B

335ms
168ms

Image
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=30&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=GDPR
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Mon, 29 Jan 2024 20:58:17 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: text/plain; charset=utf-8
location: https://s.pubmine.com/match?bidder_id=30&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=GDPR
access-control-allow-origin: https://ad-cdn.technoratimedia.com/
x-varnish: 908882557
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK match
s.pubmine.com/ Frame 70B1 43 B
549 B 243ms
168ms Image
image/gif 54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=21&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D&gdpr=0&gdpr_consent=&s=197465&us_privacy=&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame B167 470 B
402 B 480ms
158ms Document
text/html 207.65.33.76
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156204&sc=1&u=735ED72E-AE86-49E4-A999-A2CE3D4C8400&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156204&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 50aa2998bc7f7d8ef309fa4acc64d939f3c87ac96a0872ecaad9c7d292b1090a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 20:58:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 2DB8 470 B
553 B 477ms
157ms Document
text/html 207.65.33.76
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156204&sc=1&u=735ED72E-AE86-49E4-A999-A2CE3D4C8400&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156204&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 50aa2998bc7f7d8ef309fa4acc64d939f3c87ac96a0872ecaad9c7d292b1090a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 20:58:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 2F11
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=390099430234994453

35 B
250 B

754ms
187ms

Image
image/gif

52.38.203.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=390099430234994453
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:18 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:17 GMT
an-x-request-uuid: 50bcbc7a-e580-4508-99c9-e255a8077198
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=390099430234994453
x-proxy-origin: 103.75.11.107; 103.75.11.107; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 2F11
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_a14ddd44-aa1b-4827-9615-f9c3b56a0141&gdpr=0&gdpr_consent=&us_privacy=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=b545d74e-e7cc-4e07-b487-8f5952d3a59f&ssp=gumgum2&gdpr=0&gdpr_consent=

42 B
204 B

344ms
202ms

Image
image/gif

34.111.79.67
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=b545d74e-e7cc-4e07-b487-8f5952d3a59f&ssp=gumgum2&gdpr=0&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: H2
Server: 34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 67.79.111.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:17 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=b545d74e-e7cc-4e07-b487-8f5952d3a59f&ssp=gumgum2&gdpr=0&gdpr_consent=
Date: Mon, 29 Jan 2024 20:58:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 2F11
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=3d9058ad-f013-408a-9558-280d63545279

35 B
250 B

561ms
188ms

Image
image/gif

52.38.203.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=3d9058ad-f013-408a-9558-280d63545279
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:18 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 29 Jan 2024 20:58:17 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=3d9058ad-f013-408a-9558-280d63545279
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 2F11
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://qvdt3feo.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-3f034712-633b-5c9e-600d-bf13af836540$ip$103.75.11.107

35 B
250 B

190ms
189ms

Image
image/gif

52.38.203.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-3f034712-633b-5c9e-600d-bf13af836540$ip$103.75.11.107
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:19 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sta&i=0-3f034712-633b-5c9e-600d-bf13af836540$ip$103.75.11.107
date: Mon, 29 Jan 2024 20:58:18 GMT
content-length: 127
content-type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 2F11
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-7.tUK2BE2pd56PBQ8GCFQ5pxcIW3wK9OFvZB~A

35 B
250 B

495ms
188ms

Image
image/gif

52.38.203.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-7.tUK2BE2pd56PBQ8GCFQ5pxcIW3wK9OFvZB~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:18 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 29 Jan 2024 20:58:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-7.tUK2BE2pd56PBQ8GCFQ5pxcIW3wK9OFvZB~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 2F11
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
https://usersync.gumgum.com/usersync?b=vnt&i=19446123-c6b0-4547-a915-82d7244ec1ab

35 B
250 B

190ms
190ms

Image
image/gif

52.38.203.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=19446123-c6b0-4547-a915-82d7244ec1ab
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:18 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=19446123-c6b0-4547-a915-82d7244ec1ab
Date: Mon, 29 Jan 2024 20:58:18 GMT
Connection: keep-alive
X-CI-RTID: 6d4dbca9-2ba1-4c1e-82f6-d2f49b089055
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 200 142
match.deepintent.com/usersync/ Frame 2F11 0
44 B 706ms
230ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:17 GMT
content-length: 0
server: a

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 2F11
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=a_a14ddd44-aa1b-4827-9615-f9c3b56a0141&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=a_a14ddd44-aa1b-4827-9615-f9c3b56a0141&s=2&us_privacy=
https://usersync.gumgum.com/usersync?b=zem&i=wRzZcf6xp5O2ShlVIzxa&gdpr=0

35 B
250 B

187ms
186ms

Image
image/gif

52.38.203.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=wRzZcf6xp5O2ShlVIzxa&gdpr=0
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:18 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&i=wRzZcf6xp5O2ShlVIzxa&gdpr=0
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 103
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

400

usersync
usersync.gumgum.com/ Frame 2F11
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=3GaNu3pmOEWg&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

0
0

186ms
186ms

Image
text/html

52.38.203.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=3GaNu3pmOEWg&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-NZ
location: https://usersync.gumgum.com/usersync?b=pln&i=3GaNu3pmOEWg&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-75cb9dc7bc-cmr9d
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 2F11
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=3671503422885759718

35 B
250 B

190ms
189ms

Image
image/gif

52.38.203.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=3671503422885759718
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:18 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=3671503422885759718
date: Mon, 29 Jan 2024 20:58:17 GMT
content-length: 0

GET
H/1.1 200
OK match
s.pubmine.com/ Frame 2F11 43 B
994 B 571ms
169ms Image
image/gif 54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=25&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=a_a14ddd44-aa1b-4827-9615-f9c3b56a0141
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 057F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=

35 B
508 B

189ms
189ms

Document
image/gif

185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Mon, 29 Jan 2024 20:58:18 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Mon, 29 Jan 2024 20:58:17 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

pixel Show response
cm.g.doubleclick.net/ Frame 13E1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hMTRkZGQ0NC1hYTFiLTQ4MjctOTYxNS1mOWMzYjU2YTAxNDE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hMTRkZGQ0NC1hYTFiLTQ4MjctOTYxNS1mOWMzYjU2YTAxNDE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...

170 B
243 B

167ms
167ms

Document
image/png

172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hMTRkZGQ0NC1hYTFiLTQ4MjctOTYxNS1mOWMzYjU2YTAxNDE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 20:58:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 436
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 20:58:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hMTRkZGQ0NC1hYTFiLTQ4MjctOTYxNS1mOWMzYjU2YTAxNDE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F8B8 16 KB
6 KB 69ms
68ms Document
text/html 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25003
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 29 Jan 2024 20:58:17 GMT
expires: Tue, 30 Jan 2024 03:55:00 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 0215
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=ttd&i=43a4982c-151d-422a-9f30-e68972fa9133

35 B
250 B

456ms
187ms

Document
image/gif

52.38.203.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=ttd&i=43a4982c-151d-422a-9f30-e68972fa9133
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:58:18 GMT
Expires: 0
Pragma: no-cache

Redirect headers

content-length: 193
date: Mon, 29 Jan 2024 20:58:17 GMT
location: https://usersync.gumgum.com/usersync?b=ttd&i=43a4982c-151d-422a-9f30-e68972fa9133
server: Kestrel

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 9875
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZbgRacCo8YAAAMYPOMwAAAAA

35 B
250 B

260ms
189ms

Document
image/gif

52.38.203.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZbgRacCo8YAAAMYPOMwAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:58:18 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Mon, 29 Jan 2024 20:58:17 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZbgRacCo8YAAAMYPOMwAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 5
X-SO-Cluster-ID: 0
X-SO-HostName: a-ad40182.dc2p.scaleout.jp
X-SO-IP: 103.75.11.107
X-SO-Key: ZbgRacCo8YAAAMYPOMwAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"103.75.11.107","key":"ZbgRacCo8YAAAMYPOMwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40182"}
X-SO-LB-Hostname: m-tgng28.dc4p.scaleout.jp
X-SO-Upstream-ID: a-ad40182

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 5D48
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=6-m-AlUpbKtQUxlVUyGGSB0-3NqsrceanbMu1_wucDA&pi=gumgum&tc=1

35 B
250 B

188ms
187ms

Document
image/gif

52.38.203.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=6-m-AlUpbKtQUxlVUyGGSB0-3NqsrceanbMu1_wucDA&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 29 Jan 2024 20:58:18 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Mon, 29 Jan 2024 20:58:18 GMT Mon, 29 Jan 2024 20:58:18 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=6-m-AlUpbKtQUxlVUyGGSB0-3NqsrceanbMu1_wucDA&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7EF8
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

66ms
66ms

Document
text/html

23.204.65.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-234.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 20:58:17 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 29 Jan 2024 20:58:17 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E092
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=b545d74e-e7cc-4e07-b487-8f5952d3a59f&google_hm=YjU0NWQ3NGUtZTdjYy00ZTA3LWI0ODctOGY1OTUyZDNhNTlm
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=sonobi&bsw_param=b545d74e-e7cc-4e07-b487-8f5952d3a59f&google_hm=YjU0NWQ3NGUtZTdjYy00ZTA3LWI0ODctOGY1OTUyZDNhNTl...

170 B
232 B

169ms
168ms

Image
image/png

172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=sonobi&bsw_param=b545d74e-e7cc-4e07-b487-8f5952d3a59f&google_hm=YjU0NWQ3NGUtZTdjYy00ZTA3LWI0ODctOGY1OTUyZDNhNTlm&google_tc=

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=sonobi&bsw_param=b545d74e-e7cc-4e07-b487-8f5952d3a59f&google_hm=YjU0NWQ3NGUtZTdjYy00ZTA3LWI0ODctOGY1OTUyZDNhNTlm&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 430
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame E092
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us.gif?nw=td&nuid=9ee3b15a-9c6e-49de-b000-23cb147cd44e&pubid=

49 B
881 B

186ms
186ms

Image
image/gif

72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=td&nuid=9ee3b15a-9c6e-49de-b000-23cb147cd44e&pubid=

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

HTTP/1.1

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:17 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-26
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us.gif?nw=td&nuid=9ee3b15a-9c6e-49de-b000-23cb147cd44e&pubid=
date: Mon, 29 Jan 2024 20:58:17 GMT
server: Kestrel
content-length: 207

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame E092
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=4545175990075894257

49 B
864 B

186ms
186ms

Image
image/gif

72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=4545175990075894257

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

HTTP/1.1

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:18 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-74
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=4545175990075894257
Date: Mon, 29 Jan 2024 20:58:17 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame E092
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=286
https://qvdt3feo.com/sync?nid=286
https://sync.go.sonobi.com/us.gif?nw=st&nuid=PwNHEmM7XJ5gDb8Tr4NlQGdLC2s

49 B
872 B

186ms
186ms

Image
image/gif

72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=st&nuid=PwNHEmM7XJ5gDb8Tr4NlQGdLC2s

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

HTTP/1.1

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-12
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us.gif?nw=st&nuid=PwNHEmM7XJ5gDb8Tr4NlQGdLC2s
date: Mon, 29 Jan 2024 20:58:18 GMT
content-length: 99
content-type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E092
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=1fceaeba-7de2-4dcd-8065-2a0d811b49a3&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=aEMweE5FVWFKeldXcnpoMzZ3UnFNZw&gdpr=&gdpr_consent=

170 B
188 B

165ms
165ms

Image
image/png

172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=aEMweE5FVWFKeldXcnpoMzZ3UnFNZw&gdpr=&gdpr_consent=

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-NZ
location: https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=aEMweE5FVWFKeldXcnpoMzZ3UnFNZw&gdpr=&gdpr_consent=
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-75cb9dc7bc-knmbh
expires: -1

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame E092
Redirect Chain

https://creativecdn.com/cm-notify?pi=sonobi
https://creativecdn.com/cm-notify?pi=sonobi&tc=1
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=6-m-AlUpbKtQUxlVUyGGSB0-3NqsrceanbMu1_wucDA&pi=sonobi&tc=1

49 B
888 B

187ms
187ms

Image
image/gif

72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=rh&nuid=6-m-AlUpbKtQUxlVUyGGSB0-3NqsrceanbMu1_wucDA&pi=sonobi&tc=1

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

HTTP/1.1

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:18 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-81
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us.gif?nw=rh&nuid=6-m-AlUpbKtQUxlVUyGGSB0-3NqsrceanbMu1_wucDA&pi=sonobi&tc=1
pragma: no-cache
date: Mon, 29 Jan 2024 20:58:18 GMT, Mon, 29 Jan 2024 20:58:18 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame E092
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub9935550313792
https://sync.go.sonobi.com/us.gif?nuid=OPUe72c199cbe28429b911f3f869734bd61&nw=oa

49 B
880 B

186ms
186ms

Image
image/gif

72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nuid=OPUe72c199cbe28429b911f3f869734bd61&nw=oa

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

HTTP/1.1

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:18 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-78
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:18 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://sync.go.sonobi.com/us.gif?nuid=OPUe72c199cbe28429b911f3f869734bd61&nw=oa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 107
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame E092
Redirect Chain

https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=390099430234994453

49 B
863 B

186ms
186ms

Image
image/gif

72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=390099430234994453

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

HTTP/1.1

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:17 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-91
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:17 GMT
an-x-request-uuid: 2168fa2c-413a-428c-8b1a-142eecebaeec
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=390099430234994453
x-proxy-origin: 103.75.11.107; 103.75.11.107; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usg.gif
sync.go.sonobi.com/ Frame E092
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MWZjZWFlYmEtN2RlMi00ZGNkLTgwNjUtMmEwZDgxMWI0OWEz
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm=&google_hm=MWZjZWFlYmEtN2RlMi00ZGNkLTgwNjUtMmEwZDgxMWI0OWEz&google_tc=
https://sync.go.sonobi.com/usg.gif?google_error=3

49 B
446 B

186ms
186ms

Image
image/gif

72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usg.gif?google_error=3

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

HTTP/1.1

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:18 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-68
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.go.sonobi.com/usg.gif?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame E092
Redirect Chain

https://dpm.demdex.net/ibs:dpid=87880&dpuuid=1fceaeba-7de2-4dcd-8065-2a0d811b49a3
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=1fceaeba-7de2-4dcd-8065-2a0d811b49a3

42 B
716 B

232ms
231ms

Image
image/gif

34.193.170.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=1fceaeba-7de2-4dcd-8065-2a0d811b49a3

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?

Protocol

Server

34.193.170.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-170-224.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

dcs: dcs-prod-va6-1-v053-038909da5.edge-va6.demdex.com 3 ms
pragma: no-cache
date: Mon, 29 Jan 2024 20:58:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: xrb0bka5StQ=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-2-v053-056bc6c25.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Mon, 29 Jan 2024 20:58:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 9QUI1XszQzw=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=1fceaeba-7de2-4dcd-8065-2a0d811b49a3
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame DB3A 7 B
904 B 637ms
158ms XHR
application/json 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: beb52df1a5a4b2f2cb3f37642c514298
Expires: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3264
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

281 B
554 B

88ms
66ms

Document
text/html

23.204.65.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-234.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 20:58:17 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 29 Jan 2024 20:58:17 GMT
location: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server: AkamaiGHost

GET
H3

200

cm Show response
us-u.openx.net/w/1.0/ Frame 63CA
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561897504.6&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_priva...

373 B
283 B

168ms
168ms

Document
text/html

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 66b10322968093772e35bd5ce74c824dba3ca8fe6c3ed3b1bf2330827ad1fc62

Request headers

Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 267
content-type: text/html
date: Mon, 29 Jan 2024 20:58:18 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 29 Jan 2024 20:58:17 GMT
location: https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1

200
OK

match
s.pubmine.com/ Frame 297D
Redirect Chain

https://ssc-cms.33across.com/ps/?_=1706561897504.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-...
https://s.pubmine.com/match?bidder_id=24&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=212441020506510

43 B
1 KB

173ms
169ms

Image
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=24&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=212441020506510
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol: HTTP/1.1
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:16 GMT
referrer-policy: unsafe-url
server: 33XP016
x-33x-status: 100000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://s.pubmine.com/match?bidder_id=24&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=212441020506510
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame 297D
Redirect Chain

https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=93&user_id=43a4982c-151d-422a-9f30-e68972fa9133&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=b545d74e-e7cc-4e07-b487-8f5952d3a59f
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=b545d74e-e7cc-4e07-b487-8f5952d3a59f&ts=1706561898&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
117 B

213ms
212ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=b545d74e-e7cc-4e07-b487-8f5952d3a59f&ts=1706561898&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:18 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:18 GMT
referrer-policy: unsafe-url
server: 33XP006
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=b545d74e-e7cc-4e07-b487-8f5952d3a59f&ts=1706561898&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H3

200

match
events-ssc.33across.com/ Frame 297D
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561897504.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=a15765b8-116a-4a00-be10-f4e25a95d27a

68 B
82 B

210ms
210ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=a15765b8-116a-4a00-be10-f4e25a95d27a
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol: H3
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:18 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

Date: Mon, 29 Jan 2024 20:58:18 GMT
Server: MT3 1451 1934b03 master iad iad-pixel-x19 config_version:"539"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=a15765b8-116a-4a00-be10-f4e25a95d27a
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 29 Jan 2024 20:58:17 GMT

GET
H2

204

pixelSync
pixel-sync.sitescout.com/dmp/ Frame 297D
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D

0
187 B

302ms
302ms

Image
text/plain

98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol: H2
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 29 Jan 2024 20:58:18 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
date: Mon, 29 Jan 2024 20:58:18 GMT
server: A
content-length: 0

GET
H2

200

match
events-ssc.33across.com/ Frame 297D
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561897504.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=390099430234994453

68 B
117 B

361ms
213ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=390099430234994453
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:18 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:17 GMT
an-x-request-uuid: 84075082-557d-4310-bfba-7d0d6f3b712a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=390099430234994453
x-proxy-origin: 103.75.11.107; 103.75.11.107; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame DAE1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

281 B
554 B

152ms
66ms

Document
text/html

23.204.65.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-234.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 20:58:17 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 29 Jan 2024 20:58:17 GMT
location: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server: AkamaiGHost

GET
H3

200

match
events-ssc.33across.com/ Frame DB5C
Redirect Chain

https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=the33across&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=the33across&gdpr=0&user_id=xo8lA8GLcVrdiSFZk45qCcKLIg_d2HMCldxvWzbN
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=b545d74e-e7cc-4e07-b487-8f5952d3a59f
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=b545d74e-e7cc-4e07-b487-8f5952d3a59f&ts=1706561898&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
82 B

212ms
211ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=b545d74e-e7cc-4e07-b487-8f5952d3a59f&ts=1706561898&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Protocol: H3
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:18 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:17 GMT
referrer-policy: unsafe-url
server: 33XP008
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=b545d74e-e7cc-4e07-b487-8f5952d3a59f&ts=1706561898&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H3

200

match
events-ssc.33across.com/ Frame DB5C
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561897504.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=a5f565b8-116a-4f00-a9cd-8e0bdba55718

68 B
82 B

209ms
209ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=a5f565b8-116a-4f00-a9cd-8e0bdba55718
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Protocol: H3
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:18 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

Date: Mon, 29 Jan 2024 20:58:18 GMT
Server: MT3 1451 1934b03 master iad iad-pixel-x19 config_version:"539"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=a5f565b8-116a-4f00-a9cd-8e0bdba55718
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 29 Jan 2024 20:58:17 GMT

GET
H2

204

pixelSync
pixel-sync.sitescout.com/dmp/ Frame DB5C
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D

0
187 B

301ms
301ms

Image
text/plain

98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Protocol: H2
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 29 Jan 2024 20:58:18 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
date: Mon, 29 Jan 2024 20:58:18 GMT
server: A
content-length: 0

GET
H3

200

cm Show response
us-u.openx.net/w/1.0/ Frame 11FF
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561897504.6&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_priva...

373 B
282 B

165ms
164ms

Document
text/html

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: fdab7ebd6e42f16b9e3014ddfeffbf150773e27770c4ed4b9850ead004fe6db9

Request headers

Referer: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 266
content-type: text/html
date: Mon, 29 Jan 2024 20:58:18 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 29 Jan 2024 20:58:17 GMT
location: https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2

200

match
events-ssc.33across.com/ Frame DB5C
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706561897504.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=390099430234994453

68 B
216 B

344ms
210ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=390099430234994453
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:18 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:17 GMT
an-x-request-uuid: ab70f16c-38fe-4d84-97a1-cedba782c80e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=390099430234994453
x-proxy-origin: 103.75.11.107; 103.75.11.107; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

match
s.pubmine.com/ Frame DB5C
Redirect Chain

https://ssc-cms.33across.com/ps/?_=1706561897504.&ri=0010b00002CphGRAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSER...
https://s.pubmine.com/match?bidder_id=6&external_user_id=212441020506510&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&gdpr=0&gdpr_consent=&us_privacy=

43 B
1016 B

262ms
170ms

Image
image/gif

54.215.152.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=6&external_user_id=212441020506510&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Protocol: HTTP/1.1
Server: 54.215.152.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-152-213.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:16 GMT
referrer-policy: unsafe-url
server: 33XP016
x-33x-status: 100000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://s.pubmine.com/match?bidder_id=6&external_user_id=212441020506510&ssp_data=e9656c5a-7d53-4058-9c9e-294d65744516&rid=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7EF8 39 KB
11 KB 175ms
67ms Script
text/html 23.204.65.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-234.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b88bc818f09d63feaa1a980f7a5c59ef6afab11e7e426623b620fc50f1edf231

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jan 2024 05:22:09 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=30225
Connection: keep-alive
Content-Length: 10901
Expires: Tue, 30 Jan 2024 05:22:02 GMT

GET
H2 200 cl_partner.html Show response
ads.pubmatic.com/AdServer/js/ Frame D2B3 1 KB
1 KB 69ms
69ms Document
text/html 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D735ED72E-AE86-49E4-A999-A2CE3D4C8400%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
Requested by: Host: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156204&sc=1&u=735ED72E-AE86-49E4-A999-A2CE3D4C8400&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4454d9d3961cb38ef425de34b4e6173fe6d284f8625c74c6d125aec648a25d08

Request headers

Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=79895
content-encoding: gzip
content-length: 878
content-type: text/html
date: Mon, 29 Jan 2024 20:58:17 GMT
expires: Tue, 30 Jan 2024 19:09:52 GMT
last-modified: Wed, 08 Feb 2023 05:37:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 cl_partner.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8B51 1 KB
1 KB 70ms
69ms Document
text/html 23.198.59.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D735ED72E-AE86-49E4-A999-A2CE3D4C8400%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
Requested by: Host: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156204&sc=1&u=735ED72E-AE86-49E4-A999-A2CE3D4C8400&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-59-89.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4454d9d3961cb38ef425de34b4e6173fe6d284f8625c74c6d125aec648a25d08

Request headers

Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=79895
content-encoding: gzip
content-length: 878
content-type: text/html
date: Mon, 29 Jan 2024 20:58:17 GMT
expires: Tue, 30 Jan 2024 19:09:52 GMT
last-modified: Wed, 08 Feb 2023 05:37:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3264 39 KB
11 KB 109ms
67ms Script
text/html 23.204.65.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-234.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b88bc818f09d63feaa1a980f7a5c59ef6afab11e7e426623b620fc50f1edf231

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jan 2024 05:22:09 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=30225
Connection: keep-alive
Content-Length: 10901
Expires: Tue, 30 Jan 2024 05:22:02 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DAE1 39 KB
11 KB 76ms
76ms Script
text/html 23.204.65.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-65-234.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b88bc818f09d63feaa1a980f7a5c59ef6afab11e7e426623b620fc50f1edf231

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jan 2024 05:22:09 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=30225
Connection: keep-alive
Content-Length: 10901
Expires: Tue, 30 Jan 2024 05:22:02 GMT

GET
H2 200 match
events-ssc.33across.com/ Frame 63CA 68 B
117 B 208ms
208ms Image
image/png 34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=069584a6-5471-43b5-83fb-d2a18c674ca3
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:18 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

GET
H2 200 match
events-ssc.33across.com/ Frame 11FF 68 B
117 B 207ms
207ms Image
image/png 34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=bfae9fc8-9801-4f96-80e6-b1704e77a5bf
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:18 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame DB3A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sh0XIb3GRbCZkPGeJW82Gg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=sh0XIb3GRbCZkPGeJW82Gg

43 B
479 B

319ms
319ms

Image
image/gif

54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=sh0XIb3GRbCZkPGeJW82Gg

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

HTTP/1.1

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QRC9R8YFQ4ZJC1V670JB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=sh0XIb3GRbCZkPGeJW82Gg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame DB3A
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRZEW3ES-P-TH4

0
515 B

356ms
273ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRZEW3ES-P-TH4
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:18 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: ED33851EA3214E1FB8EE2A7230F1ED5E Ref B: AKL30EDGE0609 Ref C: 2024-01-29T20:58:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQG+fCCsh3PkX4q5Af/A==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRZEW3ES-P-TH4
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dedf7fc216a5bbc739a54325e875a79f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DB3A
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjNjOTc4NmYwY2ZkOGRkOThmMjAxNTJhZDJhMGJlYjM3ZmYwOTU5OQ

170 B
188 B

165ms
165ms

Image
image/png

172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjNjOTc4NmYwY2ZkOGRkOThmMjAxNTJhZDJhMGJlYjM3ZmYwOTU5OQ

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjNjOTc4NmYwY2ZkOGRkOThmMjAxNTJhZDJhMGJlYjM3ZmYwOTU5OQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: da1c8a4a3f9301c03fbeb7a6212a0a54
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame DB3A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=LRZEW3ES-P-TH4&ex=d-rubiconproject.com&status=ok

43 B
479 B

690ms
233ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LRZEW3ES-P-TH4&ex=d-rubiconproject.com&status=ok

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MY3GJEZJ6HFEKZN120MJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LRZEW3ES-P-TH4&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc2b9026541f49c9c095b4cedfcedb9a
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DB3A
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=43a4982c-151d-422a-9f30-e68972fa9133&gdpr=0&gdpr_consent=&expires=30

42 B
998 B

566ms
158ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=43a4982c-151d-422a-9f30-e68972fa9133&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 548ddf114c6f6bfbb66a4cdeb6a219f4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=43a4982c-151d-422a-9f30-e68972fa9133&gdpr=0&gdpr_consent=&expires=30
date: Mon, 29 Jan 2024 20:58:18 GMT
server: Kestrel
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DB3A
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/ZXQhJBvEXSOrOi8AeZlu9Q?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cFcuGs5E2oI3nQke2gd_y316iPnnjwDM9.aXNQ--~A

42 B
998 B

160ms
159ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cFcuGs5E2oI3nQke2gd_y316iPnnjwDM9.aXNQ--~A
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 29 Jan 2024 20:58:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cFcuGs5E2oI3nQke2gd_y316iPnnjwDM9.aXNQ--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DB3A
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJaRVczRVMtUC1USDQ=

170 B
188 B

165ms
164ms

Image
image/png

172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJaRVczRVMtUC1USDQ=

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJaRVczRVMtUC1USDQ=
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d264e84c9dc1a645a3048554992c5d82
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame DB3A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2oITQoqRR2mgCl1kbRFYbg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2oITQoqRR2mgCl1kbRFYbg

43 B
479 B

235ms
235ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2oITQoqRR2mgCl1kbRFYbg

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DGE71N0PM51FB21Y33BD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2oITQoqRR2mgCl1kbRFYbg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame DB3A 170 B
188 B 168ms
166ms Image
image/png 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DB3A
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAPVh07LcCMAABRUfEOdMg&expires=30

42 B
998 B

159ms
159ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAPVh07LcCMAABRUfEOdMg&expires=30
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4290507b7388fb86809e552482e2fff0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAPVh07LcCMAABRUfEOdMg&expires=30
Date: Mon, 29 Jan 2024 20:58:19 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame DB3A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRZEW3ES-P-TH4

68 B
281 B

498ms
162ms

Image
image/png

52.220.70.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRZEW3ES-P-TH4
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Server: 52.220.70.131 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-220-70-131.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:19 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRZEW3ES-P-TH4
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc2b9026541f49c9c095b4cedfcedb9a
Expires: 0

GET
H2

200

pixel
capi.connatix.com/us/ Frame DB3A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564
https://capi.connatix.com/us/pixel?puid=LRZEW3ES-P-TH4&pId=11&gdpr=&gdpr_consent=&us_privacy=
https://capi.connatix.com/us/pixel?puid=LRZEW3ES-P-TH4&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

82 B
82 B

211ms
211ms

Image
image/gif

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LRZEW3ES-P-TH4&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84d4647d681950ae-AKL
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 29 Jan 2024 20:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LRZEW3ES-P-TH4&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84d4647c1dc150ae-AKL
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DB3A
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=19446123-c6b0-4547-a915-82d7244ec1ab&expires=30

42 B
998 B

159ms
159ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=19446123-c6b0-4547-a915-82d7244ec1ab&expires=30
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4290507b7388fb86809e552482e2fff0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=19446123-c6b0-4547-a915-82d7244ec1ab&expires=30
Date: Mon, 29 Jan 2024 20:58:18 GMT
Connection: keep-alive
X-CI-RTID: abd69387-6a3b-4f63-a46c-1ddd0a688390
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H2

200

cksync
hb.yahoo.net/ Frame DB3A
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRZEW3ES-P-TH4&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRZEW3ES-P-TH4&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS11MTRienpoRTJ1R0guX2dOQjAwUWYuX0dDSElvdm93R35B&ovsid=LRZEW3ES-P-TH4&dpid=58160

58 B
612 B

312ms
101ms

Image
image/gif

104.72.70.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS11MTRienpoRTJ1R0guX2dOQjAwUWYuX0dDSElvdm93R35B&ovsid=LRZEW3ES-P-TH4&dpid=58160

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Server

104.72.70.27 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-72-70-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

55967e8b48ca861fd270485e79457039512b1a4dbdb3a572741c0aa737bca814

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 29 Jan 2024 20:58:19 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 58
x-mnet-hl2: E
expires: Mon, 29 Jan 2024 20:58:19 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS11MTRienpoRTJ1R0guX2dOQjAwUWYuX0dDSElvdm93R35B&ovsid=LRZEW3ES-P-TH4&dpid=58160
date: Mon, 29 Jan 2024 20:58:19 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame DB3A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRZEW3ES-P-TH4
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRZEW3ES-P-TH4
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRZEW3ES-P-TH4&ckls=true&ci=1U5BGGCG4J&nc=false&trid=1216361359

43 B
1 KB

283ms
274ms

Image
image/gif

13.35.147.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRZEW3ES-P-TH4&ckls=true&ci=1U5BGGCG4J&nc=false&trid=1216361359
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H2
Server: 13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-147-78.syd1.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:20 GMT
via: 1.1 13ad48adfe7f5ca5b82509779525e518.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: NWd-6zeDcbC3_qUk9cfOX4hf457n94si_nRvY3dEExCRFICt3nFobg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:20 GMT
via: 1.1 13ad48adfe7f5ca5b82509779525e518.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRZEW3ES-P-TH4&ckls=true&ci=1U5BGGCG4J&nc=false&trid=1216361359
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: HjvBnv1Z1nFvJZgS3x0LP6X3tj-q6zmrUcDDzahxlyZrLGMQVp9xEg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame DB3A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRZEW3ES-P-TH4

43 B
1 KB

154ms
154ms

Image
image/gif

103.43.90.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRZEW3ES-P-TH4

Requested by

Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/

Protocol

Server

103.43.90.53 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:19 GMT
an-x-request-uuid: e842b335-6350-4280-9236-075a87297cf9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 103.75.11.107; 103.75.11.107; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRZEW3ES-P-TH4
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
Expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 7EF8 7 B
904 B 188ms
159ms XHR
application/json 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LRZEW3ES-P-TH4
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 808ed95536e7f55d8adbcb9fc76d309d
Expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 3264 7 B
904 B 346ms
159ms XHR
application/json 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LRZEW3ES-P-TH4
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 548ddf114c6f6bfbb66a4cdeb6a219f4
Expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame DAE1 7 B
904 B 496ms
158ms XHR
application/json 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LRZEW3ES-P-TH4
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: da1c8a4a3f9301c03fbeb7a6212a0a54
Expires: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7EF8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LRZEW3ES-P-TH4
https://usersync.gumgum.com/usersync?b=mag&i=LRZEW3ES-P-TH4

35 B
250 B

189ms
188ms

Image
image/gif

52.38.203.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=mag&i=LRZEW3ES-P-TH4
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3De9656c5a-7d53-4058-9c9e-294d65744516%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol: HTTP/1.1
Server: 52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 29 Jan 2024 20:58:19 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://usersync.gumgum.com/usersync?b=mag&i=LRZEW3ES-P-TH4
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c80248407eff6cf595ce43a76c04e23f
Expires: 0

GET
H3

200

match
events-ssc.33across.com/ Frame 3264
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LRZEW3ES-P-TH4
https://ssc-cms.33across.com/ps/?xi=1&xu=LRZEW3ES-P-TH4
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRZEW3ES-P-TH4&ts=1706561899&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
82 B

209ms
208ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRZEW3ES-P-TH4&ts=1706561899&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H3
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:19 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:19 GMT
referrer-policy: unsafe-url
server: 33XP019
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRZEW3ES-P-TH4&ts=1706561899&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1 200
OK 725X1342.skimlinks.js Show response
s.skimresources.com/js/ 49 KB
19 KB 217ms
72ms Script
application/octet-stream 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/725X1342.skimlinks.js
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 2d13d054dec619ab84fd414a83959ab61fb660553b23ba9aaf43f7c4940e5b96

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 29 Jan 2024 20:58:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jun 2023 14:20:51 GMT
Server: AmazonS3
x-amz-request-id: WEPQ0CW4GVQZYM7K
ETag: "097f613b5f29b5c85630927229ac793b"
X-HW: 1706561900.cds210.sy2.hn,1706561900.cds209.sy2.c
Content-Type: application/octet-stream
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18888
x-amz-id-2: CR2TWNHFm7QMW3Nxh/4zmVnzzWJjgFici2295fmzm7bT53Ijcak1qCzxSncs59TQoDP13saUIQo=

GET
H3 200 actionbar.css
s0.wp.com/wp-content/mu-plugins/actionbar/ 15 KB
4 KB 70ms
70ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.css?v=20240115
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: c1e62caa83381d8a3c58be2a17f28bff4176e8ddcd882bb923f3152852c06df9

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-minify-cache: hit
date: Mon, 29 Jan 2024 20:58:20 GMT
content-encoding: br
x-ac: 2.syd _bur MISS
x-minify: t
alt-svc: h3=":443"; ma=86400
x-nc: HIT syd 2
server: nginx
etag: W/18324-1705283922309.2102
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 14 Jan 2025 01:58:55 GMT

GET
H3 200 actionbar.js Show response
s0.wp.com/wp-content/mu-plugins/actionbar/ 8 KB
3 KB 71ms
70ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.js?v=20231122
Requested by: Host: ref-lek-ti-one-rom-val.blog
URL: https://ref-lek-ti-one-rom-val.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: a6dc271cbdaa05e97c5144483628df9e30b68326e5b04a5fef3322af1c0f22e0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-minify-cache: hit
date: Mon, 29 Jan 2024 20:58:20 GMT
content-encoding: br
x-ac: 2.syd _bur MISS
x-minify: t
alt-svc: h3=":443"; ma=86400
x-nc: HIT syd 2
server: nginx
etag: W/15307-1700657605824.8071
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 21 Nov 2024 12:53:36 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/ 35 B
55 B 153ms
153ms Image
image/gif 2404:6800:4006:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=742974956&utmhn=ref-lek-ti-one-rom-val.blog&utmt=event&utme=14(6800*0*140*470*90*860*1990*2170)(6882*0*141*476*90*865*1990*2179)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=P%C3%A5%20nya%20%C3%A4ventyr%20%E2%80%93%20En%20resa%20genom%20fr%C3%A4mmande%20land&utmhid=32367435&utmr=-&utmp=%2F&utmht=1706561900521&utmac=UA-52447-2&utmcc=__utma%3D1.1249882200.1706561896.1706561896.1706561896.1%3B%2B__utmz%3D1.1706561896.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=&utmu=uhQAAAAAAAAAAAAAAAAAAAAE~

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:804::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ref-lek-ti-one-rom-val.blog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:41:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83781
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 06D5 0
123 B 310ms
165ms Image
text/plain 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.3531928030663236
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 29 Jan 2024 20:58:20 GMT
via: 1.1 google
cache-control: private, no-store
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain

POST
H2 200 / Show response
r.skimresources.com/api/ 150 B
374 B 310ms
166ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/725X1342.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

de0875750b88887e16ec6a11efb64e5cad3b343dd794891e8c1dd33f470e39f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 29 Jan 2024 20:58:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ref-lek-ti-one-rom-val.blog
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 / Show response
r.skimresources.com/api/ 150 B
188 B 170ms
169ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/725X1342.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

de0875750b88887e16ec6a11efb64e5cad3b343dd794891e8c1dd33f470e39f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 29 Jan 2024 20:58:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ref-lek-ti-one-rom-val.blog
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
359 B 168ms
167ms XHR
application/javascript 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/725X1342.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.11 aiohttp/3.8.6 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ref-lek-ti-one-rom-val.blog/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 20:58:21 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.11 aiohttp/3.8.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://ref-lek-ti-one-rom-val.blog
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

91 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ref-lek-ti-one-rom-val.blog/	1970-01-20 18:04:08	Name: ccpa_applies Value: false
.ref-lek-ti-one-rom-val.blog/	1970-01-20 18:04:08	Name: usprivacy Value: 1---
ref-lek-ti-one-rom-val.blog/	1970-01-21 03:38:41	Name: __utma Value: 1.1249882200.1706561896.1706561896.1706561896.1
ref-lek-ti-one-rom-val.blog/	1969-12-31 23:59:59	Name: __utmc Value: 1
ref-lek-ti-one-rom-val.blog/	1970-01-20 22:25:29	Name: __utmz Value: 1.1706561896.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
ref-lek-ti-one-rom-val.blog/	1970-01-20 18:02:42	Name: __utmt Value: 1
ref-lek-ti-one-rom-val.blog/	1970-01-21 03:38:41	Name: __ATA_tuuid Value: e9656c5a-7d53-4058-9c9e-294d65744516
.technoratimedia.com/	1970-01-20 18:02:45	Name: tads_ipv6 Value: 2404:f780:5:def::c2e
.casalemedia.com/	1970-01-21 02:48:17	Name: CMID Value: ZbgRaBOUXJDwpexsoAaJHQAA
.casalemedia.com/	1970-01-20 20:12:17	Name: CMPS Value: 5326
.casalemedia.com/	1970-01-20 20:12:17	Name: CMPRO Value: 5326
.3lift.com/	1970-01-20 20:12:17	Name: tluid Value: 1952969358335973430116
.smaato.net/	1970-01-20 18:32:56	Name: SCM Value: 921f890dca
.smaato.net/	1970-01-20 18:32:56	Name: SCMp Value: 921f890dca
.omnitagjs.com/	1970-01-20 18:45:53	Name: ayl_visitor Value: f92916907b1d12017859e3b85781bf35
.rubiconproject.com/	1970-01-21 02:48:17	Name: khaos Value: LRZEW3ES-P-TH4
.rubiconproject.com/	1970-01-20 20:12:17	Name: receive-cookie-deprecation Value: 1
.yahoo.com/	1970-01-21 02:48:39	Name: A3 Value: d=AQABBGkRuGUCEC5lYArlLeh3jiLcOPB7k9wFEgEBAQFiuWXBZQ0CxyMA_eMAAA&S=AQAAAmh5iWvNlk7nTn_KGhhypgE
.tynt.com/	1970-01-21 02:48:17	Name: uid Value: CoIKS2W4EWkBlWbLBj5fAg==
.33across.com/	1970-01-21 02:48:17	Name: 33x_ps Value: u%3D212441020506510%3As1%3D1706561897280%3Ats%3D1706561897280
.bidswitch.net/	1970-01-21 02:48:17	Name: c Value: 1706561897
.bidswitch.net/	1970-01-21 02:48:17	Name: tuuid_lu Value: 1706561897
.bidswitch.net/	1970-01-20 18:02:42	Name: ssp_data Value: e9656c5a-7d53-4058-9c9e-294d65744516
.bidswitch.net/	1970-01-21 02:48:17	Name: tuuid Value: b545d74e-e7cc-4e07-b487-8f5952d3a59f
.gumgum.com/	1970-01-21 02:48:17	Name: vst Value: a_a14ddd44-aa1b-4827-9615-f9c3b56a0141
.go.sonobi.com/	1970-01-20 18:02:49	Name: __uqc Value: 1
.go.sonobi.com/	1970-01-20 18:45:53	Name: __uis Value: c8d2749f-d403-474e-b836-a7f694dc9fb7
.adnxs.com/	1970-01-20 20:12:17	Name: uuid2 Value: 390099430234994453
.tynt.com/	1970-01-20 20:12:17	Name: pids Value: %5B%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1706561897504%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1706561897504%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1706561897504%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1706561897504%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1706561897504%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1706561897504%7D%5D
.technoratimedia.com/	1970-01-21 03:38:41	Name: tads_uid Value: GDPR
.adsrvr.org/	1970-01-21 02:49:44	Name: TDID Value: 43a4982c-151d-422a-9f30-e68972fa9133
.go.sonobi.com/	1970-01-20 18:49:29	Name: __uir_an Value: 146145268826846809
.go.sonobi.com/	1970-01-21 02:48:17	Name: __uin_an Value: 390099430234994453
.doubleclick.net/	1970-01-20 18:02:42	Name: test_cookie Value: CheckForPermission
.id5-sync.com/	1970-01-20 20:12:17	Name: id5 Value: 0f5b1a96-6fae-7126-8cd3-54cba20b3cd3#1706561896966#3
.go.sonobi.com/	1970-01-20 20:12:17	Name: __uir_td Value: 146145268826846809
.go.sonobi.com/	1970-01-21 02:48:17	Name: __uin_td Value: 9ee3b15a-9c6e-49de-b000-23cb147cd44e
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjE1MTU0N7W0NDAwN7WwNDEyNRfiM9Q1yEw1SDRNsswuc_QHAJf835YlAAAA
.rfihub.com/	1970-01-21 03:24:17	Name: eud Value: H4sIAAAAAAAA_1slymtobmBmamZoYWluaWgBALDrHaEQAAAA
.rfihub.com/	1970-01-21 03:24:17	Name: rud Value: H4sIAAAAAAAA_-MSNjE1MTU0N7W0NDAwN7WwNDEyNRfiM9Q1yEw1SDRNsswuc_QHAJf835YlAAAA
.socdm.com/	1970-01-21 03:38:41	Name: SOC Value: ZbgRacCo8YAAAMYPOMwAAAAA
.demdex.net/	1970-01-20 22:21:53	Name: demdex Value: 31815047594779773233519742161258229026
.go.sonobi.com/	1970-01-20 18:49:29	Name: __uir_zt Value: 146145273121814106
.go.sonobi.com/	1970-01-21 02:48:17	Name: __uin_zt Value: 4545175990075894257
.ipredictive.com/	1970-01-21 02:48:17	Name: cu Value: 19446123-c6b0-4547-a915-82d7244ec1ab\|1706561898238
.zemanta.com/	1970-01-21 02:48:17	Name: zuid Value: wRzZcf6xp5O2ShlVIzxa
.creativecdn.com/	1970-01-21 02:48:17	Name: ts Value: 1706561898
.creativecdn.com/	1970-01-21 02:48:17	Name: g Value: M2NtNWt99wUP4t5dJwXk_1706561898212
.adsrvr.org/	1970-01-21 02:49:44	Name: TDCPM Value: CAESGAoJYmlkc3dpdGNoEgsI2LbS0eHF0DwQBRIWCgdydWJpY29uEgsI9PqT1uHF0DwQBRgBIAIoAjILCJaOi4D4xdA8EAU4AVoHOGg5dTExaGAC
.dpm.demdex.net/	1970-01-20 22:21:53	Name: dpm Value: 31815047594779773233519742161258229026
.smartadserver.com/	1970-01-21 03:32:56	Name: pid Value: 3671503422885759718
.adx.opera.com/	1970-01-21 02:48:17	Name: UID Value: OPUe72c199cbe28429b911f3f869734bd61
.mathtag.com/	1970-01-21 03:28:37	Name: uuid Value: a15765b8-116a-4a00-be10-f4e25a95d27a
.contextweb.com/	1970-01-21 02:41:05	Name: V Value: 3GaNu3pmOEWg
.contextweb.com/	1970-01-21 02:48:17	Name: pb_rtb_ev Value: 3-1pef\|7bq.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: d8f83f4126880cea
.linkedin.com/	1970-01-21 02:48:17	Name: bcookie Value: "v=2&1a792a3c-d5cc-4cd0-8133-3d5bf555dc4d"
.linkedin.com/	1970-01-20 18:04:08	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2813:u=1:x=1:i=1706561898:t=1706648298:v=2:sig=AQG8aipdgwEqOlEv0YYUMWVY4MTBivo6"
.go.sonobi.com/	1970-01-20 18:49:29	Name: __uir_oa Value: 146145273121814106
.go.sonobi.com/	1970-01-21 02:48:17	Name: __uin_oa Value: OPUe72c199cbe28429b911f3f869734bd61
.go.sonobi.com/	1970-01-20 18:49:29	Name: __uir_rh Value: 146145273121814106
.go.sonobi.com/	1970-01-21 02:48:17	Name: __uin_rh Value: 6-m-AlUpbKtQUxlVUyGGSB0-3NqsrceanbMu1_wucDA
.semasio.net/	1970-01-21 02:48:17	Name: SEUNCY Value: EDEB08B18D447FC
qvdt3feo.com/	1970-01-21 02:48:17	Name: sa-user-id Value: s%3A0-3f034712-633b-5c9e-600d-bf13af836540.tfNysuxc3auERrxEaQe6H%2FrMfEEIniZhNOG5OoOjKKE
.qvdt3feo.com/	1970-01-21 02:48:17	Name: sa-user-id Value: s%3A0-3f034712-633b-5c9e-600d-bf13af836540.tfNysuxc3auERrxEaQe6H%2FrMfEEIniZhNOG5OoOjKKE
qvdt3feo.com/	1970-01-21 02:48:17	Name: sa-user-id-v2 Value: s%3APwNHEmM7XJ5gDb8Tr4NlQGdLC2s.IYYpBGkwCVfGocsMNAnd5p6imbuLHi0tIgBoBKGIXhY
.qvdt3feo.com/	1970-01-21 02:48:17	Name: sa-user-id-v2 Value: s%3APwNHEmM7XJ5gDb8Tr4NlQGdLC2s.IYYpBGkwCVfGocsMNAnd5p6imbuLHi0tIgBoBKGIXhY
qvdt3feo.com/	1970-01-21 02:48:17	Name: sa-user-id-v3 Value: s%3AAQAKIIrklDoTwO_HvkkyEUPoSqV7_vDlD6IWwSV3jTzLsEtQEL0BGAQg6qLgrQYwAToEWZd3AkIEbKAisw.fIyfemSWE3O9Q2gOVFO%2Brtzx4lad7DmRZwg%2FG%2BbdwkM
.qvdt3feo.com/	1970-01-21 02:48:17	Name: sa-user-id-v3 Value: s%3AAQAKIIrklDoTwO_HvkkyEUPoSqV7_vDlD6IWwSV3jTzLsEtQEL0BGAQg6qLgrQYwAToEWZd3AkIEbKAisw.fIyfemSWE3O9Q2gOVFO%2Brtzx4lad7DmRZwg%2FG%2BbdwkM
.connatix.com/	1970-01-20 18:45:53	Name: cnx_userId Value: 326b87b9039f4b66a570b79fca3aa18f
.sharethrough.com/	1970-01-20 18:45:53	Name: stx_user_id Value: 5c942b58-fdf5-4f86-b9b1-9f2b8f746b21
.go.sonobi.com/	1970-01-20 18:49:29	Name: __uir_st Value: 146145273121814106
.go.sonobi.com/	1970-01-21 02:48:17	Name: __uin_st Value: PwNHEmM7XJ5gDb8Tr4NlQGdLC2s
.bidr.io/	1970-01-21 03:31:11	Name: bito Value: AAPVh07LcCMAABRUfEOdMg
.bidr.io/	1970-01-21 03:31:11	Name: bitoIsSecure Value: ok
.amazon-adsystem.com/	1970-01-21 03:38:41	Name: ad-privacy Value: 0
.adnxs.com/	1970-01-20 20:12:17	Name: anj Value: dTM7k!M40DDunaTF']wIg2E?jpcmNR!]tbP6j2F-.aDHYByFV-hV40e5?LmEABwOe8B#%tvHa/ki'Hqg0D((R484
.adnxs.com/	1970-01-20 20:12:17	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxSWkVXM0VTLVAtVEg0IiwiZXhwaXJlcyI6IjIwMjQtMDQtMjhUMjA6NTg6MTlaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDEtMjlUMjA6NTg6MTlaIn0=
.analytics.yahoo.com/	1970-01-21 02:48:17	Name: IDSYNC Value: "191a~2ggk:18vk~2ggk:19e0~2ggk"
.amazon-adsystem.com/	1970-01-20 23:56:56	Name: ad-id Value: A40f6_FIFUcOuTl8vgv5uSc
.eyeota.net/	1970-01-21 02:49:44	Name: mako_uid Value: 18d57040cbb-f780000010d421f
.eyeota.net/	1970-01-20 18:02:42	Name: SERVERID Value: 16927~DM
.rubiconproject.com/	1970-01-21 02:48:17	Name: audit Value: 1\|eWm5rV23ouIAXfuX+ryTRNREzAZcDhD+p5KkmGagaAsqKQhgTiDwSmO5xpdwFYtCCjTRAxgltbVYuqoIiPk057iLOlCEhdvdrya/RWHY6LiRR2TiSaZrZP+ZVlrt+IS1dk1bRs4ySpW3RLaEzdsaWSJhQ/LyRhP4HvD/ajeJcIiES1lPyBBTU0DX1TLXysIcTq+ifMbBFMWjzkR9xgavm1DRENvI8x8DJFbuTCT2MpQ=
.id5-sync.com/	1970-01-20 20:12:17	Name: 3pi Value: 112#1706561899311#-63517163#EDEB08B18D447FC\|102#1706561897835#-2030514475\|264#1706561898224#261437422#43a4982c-151d-422a-9f30-e68972fa9133\|123#1706561899975#270398264
.intentiq.com/	1970-01-21 03:38:41	Name: intentIQ Value: 1U5BGGCG4J
.intentiq.com/	1970-01-21 03:38:41	Name: IQver Value: 1.9
ref-lek-ti-one-rom-val.blog/	1970-01-20 18:02:43	Name: __utmb Value: 1.2.9.1706561900520
.intentiq.com/	1970-01-21 03:38:41	Name: CSDT Value: UEQ6MTUxMDZfMCZVMm10b2ts
.intentiq.com/	1970-01-21 03:38:41	Name: intentIQCDate Value: 1706561900450
.intentiq.com/	1970-01-21 03:38:41	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 03:38:41	Name: IQPData Value: 1732971371#1706561900449#0#1706561900449

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://usersync.gumgum.com/usersync?b=pln&i=3GaNu3pmOEWg&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ads.pubmatic.com
b1sync.zemanta.com
bh.contextweb.com
c0.pubmine.com
c1.adform.net
capi.connatix.com
ced.sascdn.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
creativecdn.com
de.tynt.com
dpm.demdex.net
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
fonts-api.wp.com
fonts.wp.com
hb.yahoo.net
ib.adnxs.com
ic.tynt.com
id5-sync.com
image6.pubmatic.com
live.primis.tech
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
odr.mookie1.com
p.rfihub.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.wp.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
public-api.wordpress.com
px.ads.linkedin.com
qvdt3feo.com
r-login.wordpress.com
r.skimresources.com
ref-lek-ti-one-rom-val.blog
rtb-csync.smartadserver.com
rtb.gumgum.com
s.ad.smaato.net
s.amazon-adsystem.com
s.pubmine.com
s.skimresources.com
s0.wp.com
secure-assets.rubiconproject.com
secure.adnxs.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
stats.wp.com
sync.go.sonobi.com
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.teads.tv
sync.technoratimedia.com
sync1.intentiq.com
t.adx.opera.com
t.skimresources.com
tg.socdm.com
token.rubiconproject.com
u.openx.net
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
ut.pubmatic.com
visitor.omnitagjs.com
www.ref-lek-ti-one-rom-val.blog
x.bidswitch.net
103.43.90.179
103.43.90.53
104.68.31.231
104.72.70.27
104.99.59.34
119.9.108.191
124.146.153.161
13.35.147.78
151.101.1.108
151.139.128.10
162.19.138.119
169.197.150.7
172.217.24.34
172.64.146.152
172.64.151.101
18.143.106.89
185.184.8.90
185.84.60.23
192.0.76.3
192.0.77.32
192.0.77.38
192.0.78.19
192.0.78.23
192.0.78.24
198.8.71.130
20.127.253.7
207.65.33.76
23.106.127.39
23.106.127.53
23.106.127.57
23.198.59.89
23.204.64.24
23.204.65.234
23.204.65.54
2404:6800:4006:804::2008
2406:da18:929:5a01:dcfb:166e:80ad:dfdd
2600:9000:2083:5000:1b:5138:8a40:93a1
2600:9000:243a:d200:1a:5235:f980:93a1
2603:c020:400d:3000:f50:982a:7877:65bd
2606:2800:10c:84af:88cd:a4c9:e204:b71d
2620:116:800e:21:46d:7e81:55ff:4c12
2620:1ec:21::14
34.111.79.67
34.117.239.71
34.193.170.224
35.190.59.101
35.201.67.47
35.213.12.39
35.244.159.8
44.236.119.85
44.240.244.248
52.220.70.131
52.223.2.229
52.223.40.198
52.38.203.118
52.46.130.91
52.86.75.60
54.146.3.211
54.153.211.209
54.204.112.220
54.215.152.213
54.239.38.253
57.180.149.130
64.202.112.127
67.199.150.80
67.199.150.81
67.202.105.24
67.202.105.33
69.173.158.64
72.34.250.75
74.121.140.211
74.214.196.131
8.43.72.97
82.145.213.8
98.98.134.243
02f9d88f20a2389ec219ac0d59cf9748d8f8f552a16d592494018a21a04efa70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1825f2e791ed1abf30a4cb7773f980fb6bbb256b40eec26dce50ff77ed005c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1284252c0fbd4c05cf335d0e9694befe652a1fee9b55433c14a7014ab9754950
14786da2802101a31abad86bcc381b730162ca140c5b7eb0fcf00f7956382718
1b3ca133575b7b4eaba1afdd8eacb98be8605603d323360ae79b094d90710277
1ceab22834da9ea5e3f3e183a99c430260ae3033e995a25965761707e61eab6e
28725bb710c49bdbc2c33ae596fbd6d897715d2a8283c768f7ea29819406d9f9
28f17848c3b64ee19d529aa7caeedd1e2a389837e1310fb74e6175a7ce5cb185
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bd27fb4cdd30b9b0c730e44a8ec482a49dbf95eaa5c3f399c816dfef9990beb
2cd08f698b77fef50d76846cb3f4f32cd6a47f98ba07b717a8d44a08ce6cf11b
2d13d054dec619ab84fd414a83959ab61fb660553b23ba9aaf43f7c4940e5b96
35dfb3e21acbb626befad4937c1162b219c250ed0f863fa65d9fb2c9f9c1dabe
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4454d9d3961cb38ef425de34b4e6173fe6d284f8625c74c6d125aec648a25d08
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
482557e9a36abd333794bc970936371d1e516a179f73fb5765f67af03c854e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50aa2998bc7f7d8ef309fa4acc64d939f3c87ac96a0872ecaad9c7d292b1090a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55967e8b48ca861fd270485e79457039512b1a4dbdb3a572741c0aa737bca814
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6550610a8b8c68c259d1b261e9d8eec342fbb65a1f8c74ba40a995aea363e4a5
667bf42b6718c05fa0121720bc1d20d73e2a0e33a7d4df9c9255e0bc95beda86
66b10322968093772e35bd5ce74c824dba3ca8fe6c3ed3b1bf2330827ad1fc62
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732
71df132c94f689f31822d47f4c4651b3639b7eb548a20bac80d9f30f686312a3
79674b01741c3978417b6b9b4b98d125755e7bb468979d5cd593eac4b94cdb91
8014475579114c0ee1badd45256bd1063920124d618afe6a6bfee3854d268903
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8664f6b61a5bdf0f339c1ef04532e924a52f6b77003c6fb47da16ab4a779d008
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
906f18075913738d5463a9d00bade872fd6aa0e7a6994a79b4447b0b14626ea7
947d703f577549cbb0b1a4143f3b363ec9c7cf309587d5b12b87f0e64ff99db4
963ef2b3b0a8b5db60d69df5814239c385bc4e8e8781c6c24bc7390457e1e6dc
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a900c75ff4b94ebc8ba82768df4345bb01390ef53ed59b933cae77d6cbd351f
9b09fce25bd8c396410d60a125123e72e75042ce6a2637c23d647a26d47d10c3
9c83b89ab9d2677980617afacb833a74da3050a2d3d711176b500d7922e49ab5
9da68a2041121bd70ba1224bd2240dea9ef6ca2e8a07d500c4d74d731c127f13
9f62772ae302196cd11367ab5a09595d70c0e5ef14e6d0ea038318b25ee85f60
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a6dc271cbdaa05e97c5144483628df9e30b68326e5b04a5fef3322af1c0f22e0
a914ebd8267f0641e0ebd8333aa52a13ec9635160335147b7d90aed18c6db017
abee457af55d5e958ad774ec565fb94143487f860500437439a2d208e35058f8
b2d0e2ede6aaacb8d95f4c09d086faa1360e9f521f1c60da9ac0fadea0171e2b
b32ac08ac704f56f164eca7ed8dbc4ff2c50dff8f9e3527d2c52c93081672b02
b88bc818f09d63feaa1a980f7a5c59ef6afab11e7e426623b620fc50f1edf231
b958d10b8b3d47942c376576786aefa35104a54cb3470766386b5763eb63b1ce
c0e93b5ebf107af77d9e7d101d186b3b93e9d5ad4fbb6a74e2dea60173cc04f8
c1e19fc3e6904501de37c171da1f3747ed0dfccf0e02277e9f50e1153e4a6277
c1e62caa83381d8a3c58be2a17f28bff4176e8ddcd882bb923f3152852c06df9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6f921178c04e85a2499b306b750c3404727a71e251c88d8d4b905aba13545ee
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
de0875750b88887e16ec6a11efb64e5cad3b343dd794891e8c1dd33f470e39f5
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de87ef766937eaf5107ea3e9a2a378f39aa123abfc451de76e011f887be28b39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0438890c8404143b19a3c0d2f7c9df390a24ac84ab3d4a63f4a65363afe6202
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fcc9567961da5127e60cd297fc75a6ec891577c58d3e27dd50d1d886b83a5d16
fdab7ebd6e42f16b9e3014ddfeffbf150773e27770c4ed4b9850ead004fe6db9

ref-lek-ti-one-rom-val.blog Open in urlscan Pro 192.0.78.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

154 Requests

63 %HTTPS

11 %IPv6

55 Domains

83 Subdomains

47 IPs

10 Countries

1221 kBTransfer

2485 kBSize

91 Cookies

9 Outgoing links

Page URL History

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ref-lek-ti-one-rom-val.blog Open in urlscan Pro
192.0.78.24 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

63 %
HTTPS

11 %
IPv6

55
Domains

83
Subdomains

47
IPs

10
Countries

1221 kB
Transfer

2485 kB
Size

91
Cookies

154 HTTP transactions
1 data transactions