androidmtk.com Open in urlscan Pro
192.124.249.19 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://androidmtk.com/lg-firmware-extract-tool
Submission Tags: falconsandbox
Submission: On July 25 via api (July 25th 2022, 6:03:12 am UTC) from US — Scanned from DE

Summary HTTP 150 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 58 IPs in 10 countries across 64 domains to perform 150 HTTP transactions. The main IP is 192.124.249.19, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is androidmtk.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on May 24th 2022. Valid for: a year.

This is the only time androidmtk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	192.124.249.19 192.124.249.19	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
17	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	94.31.29.32 94.31.29.32	33438 (STACKPATH) (STACKPATH)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
5	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	178.62.198.146 178.62.198.146	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
4	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
12	34.251.34.15 34.251.34.15	16509 (AMAZON-02) (AMAZON-02)
3	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	54.146.39.184 54.146.39.184	14618 (AMAZON-AES) (AMAZON-AES)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
2 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	52.59.116.64 52.59.116.64	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 4	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	141.95.98.71 141.95.98.71	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.112.30 18.66.112.30	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	52.48.21.211 52.48.21.211	16509 (AMAZON-02) (AMAZON-02)
1 2	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
2 6	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 1	34.225.35.162 34.225.35.162	14618 (AMAZON-AES) (AMAZON-AES)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
6	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	50.19.106.30 50.19.106.30	14618 (AMAZON-AES) (AMAZON-AES)
2	104.16.200.58 104.16.200.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	162.19.80.92 162.19.80.92	16276 (OVH) (OVH)
2	185.86.139.114 185.86.139.114	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	88.214.206.247 88.214.206.247	46636 (NATCOWEB) (NATCOWEB)
1 17	34.247.233.198 34.247.233.198	16509 (AMAZON-02) (AMAZON-02)
4 4	3.127.61.11 3.127.61.11	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
3 3	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	52.50.170.21 52.50.170.21	16509 (AMAZON-02) (AMAZON-02)
1 1	34.200.181.104 34.200.181.104	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:80b2:ded:f09c:81b2	16509 (AMAZON-02) (AMAZON-02)
1 1	52.7.59.203 52.7.59.203	14618 (AMAZON-AES) (AMAZON-AES)
1 1	129.158.42.199 129.158.42.199	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
2 2	50.31.142.191 50.31.142.191	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	54.155.185.156 54.155.185.156	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
3 5	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	3.74.89.102 3.74.89.102	16509 (AMAZON-02) (AMAZON-02)
1 1	202.241.208.56 202.241.208.56	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	23.75.240.210 23.75.240.210	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1 1	34.111.151.213 34.111.151.213	15169 (GOOGLE) (GOOGLE)
1 1	34.192.115.74 34.192.115.74	14618 (AMAZON-AES) (AMAZON-AES)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2	2606:4700::68... 2606:4700::6810:79c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
150	58

8 192.124.249.19 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10019.sucuri.net

androidmtk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.31.29.32 (London, United Kingdom)

ASN33438 (STACKPATH, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.198.146 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-14.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.251.34.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-34-15.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.146.39.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-39-184.compute-1.amazonaws.com

mantodea.mantisadnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

buysellads-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.116.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-116-64.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.71 (France)

ASN16276 (OVH, FR)
PTR: ns3216577.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-30.fra56.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.21.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-21-211.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.102 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.35.162 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-35-162.compute-1.amazonaws.com

x.yieldlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (Beverwijk, Netherlands) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.106.30 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-106-30.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.200.58 (None, )

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.80.92 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ns3011863.ip-162-19-80.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 34.247.233.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.127.61.11 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-61-11.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.31 (Leesburg, United States) 3 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.170.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-170-21.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.181.104 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-181-104.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:80b2:ded:f09c:81b2 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.59.203 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-59-203.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.158.42.199 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.191 (Lincolnwood, United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.185.156 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-185-156.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.74.89.102 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-89-102.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.56 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.75.240.210 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.182.161 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.115.74 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-115-74.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:79c3 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	gumgum.com 1 redirects g2.gumgum.com — Cisco Umbrella Rank: 1549 usersync.gumgum.com — Cisco Umbrella Rank: 2074	6 KB
17	demand.supply live.demand.supply — Cisco Umbrella Rank: 38208	40 KB
13	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 1985 public.servenobid.com — Cisco Umbrella Rank: 4225	8 KB
10	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 stats.g.doubleclick.net — Cisco Umbrella Rank: 117 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	164 KB
8	yahoo.com 4 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1033 ups.analytics.yahoo.com — Cisco Umbrella Rank: 285 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 473	2 KB
8	androidmtk.com androidmtk.com	84 KB
7	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460 r.casalemedia.com — Cisco Umbrella Rank: 770 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531 dsum.casalemedia.com — Cisco Umbrella Rank: 1250	7 KB
7	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 234 acdn.adnxs.com — Cisco Umbrella Rank: 566 secure.adnxs.com — Cisco Umbrella Rank: 430	37 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 323 s.amazon-adsystem.com — Cisco Umbrella Rank: 287	45 KB
6	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 362	2 KB
6	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 333 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1045 eus.rubiconproject.com — Cisco Umbrella Rank: 598 token.rubiconproject.com — Cisco Umbrella Rank: 703	11 KB
5	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 505 ads.pubmatic.com — Cisco Umbrella Rank: 485 image6.pubmatic.com — Cisco Umbrella Rank: 634	18 KB
5	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 699 ce.lijit.com — Cisco Umbrella Rank: 973	2 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	2 KB
4	dyntrk.com 4 redirects gu.dyntrk.com — Cisco Umbrella Rank: 1358	2 KB
4	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 941 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 626	2 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 811	399 B
4	openx.net 2 redirects buysellads-d.openx.net — Cisco Umbrella Rank: 42918 u.openx.net — Cisco Umbrella Rank: 718 us-u.openx.net — Cisco Umbrella Rank: 391	807 B
3	outbrain.com 3 redirects sync.outbrain.com — Cisco Umbrella Rank: 730	1 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 543	2 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 2656 mp.4dex.io — Cisco Umbrella Rank: 3696	24 KB
3	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2112	95 KB
3	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 14127	202 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123	232 KB
2	glotgrx.com pre.glotgrx.com — Cisco Umbrella Rank: 6404	392 B
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 632	700 B
2	emxdgt.com 2 redirects cs.emxdgt.com — Cisco Umbrella Rank: 940	484 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 640	635 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 650	623 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 534	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 606	950 B
2	yabidos.com pixel.yabidos.com — Cisco Umbrella Rank: 6326	25 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 615	57 KB
2	gstatic.com fonts.gstatic.com	170 KB
2	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1326	225 B
2	media.net prebid.media.net — Cisco Umbrella Rank: 1348 contextual.media.net — Cisco Umbrella Rank: 515	8 KB
2	mantisadnetwork.com mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 12503	839 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1450 id5-sync.com — Cisco Umbrella Rank: 546	12 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 579	191 B
1	extend.tv 1 redirects sync.extend.tv — Cisco Umbrella Rank: 1666	546 B
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1893	349 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1217	696 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 474	660 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 541	388 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 504	759 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 935	44 B
1	technoratimedia.com 1 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 1149	339 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1038	433 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 762	582 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 481	430 B
1	admanmedia.com cs.admanmedia.com — Cisco Umbrella Rank: 1644	225 B
1	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 2647	283 B
1	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 1317	192 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1017	474 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 771	735 B
1	yieldlift.com 1 redirects x.yieldlift.com — Cisco Umbrella Rank: 4281	593 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	4 KB
1	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 722	312 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4490	1 KB
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 15877	666 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1724	328 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	28 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	41 KB
150	64

	Domain	Requested by
17	usersync.gumgum.com	1 redirects g2.gumgum.com
17	live.demand.supply	androidmtk.com live.demand.supply client
12	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com ssbsync.smartadserver.com g2.gumgum.com r.casalemedia.com
8	androidmtk.com	androidmtk.com
6	match.adsrvr.org	public.servenobid.com mantodea.mantisadnetwork.com ssbsync.smartadserver.com g2.gumgum.com r.casalemedia.com
5	cm.g.doubleclick.net	3 redirects g2.gumgum.com r.casalemedia.com
5	c.amazon-adsystem.com	live.demand.supply c.amazon-adsystem.com
4	dsum-sec.casalemedia.com	1 redirects r.casalemedia.com
4	x.bidswitch.net	4 redirects
4	gu.dyntrk.com	4 redirects
4	ib.adnxs.com	2 redirects cdn4.buysellads.net acdn.adnxs.com
4	onetag-sys.com	cdn4.buysellads.net public.servenobid.com
4	c2shb.ssp.yahoo.com	cdn4.buysellads.net
3	sync.outbrain.com	3 redirects
3	ups.analytics.yahoo.com	3 redirects
3	sync.1rx.io	3 redirects
3	ads.pubmatic.com	cdn4.buysellads.net public.servenobid.com g2.gumgum.com
3	ap.lijit.com	cdn4.buysellads.net public.servenobid.com
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
3	cdn4.buysellads.net	androidmtk.com
3	pagead2.googlesyndication.com	androidmtk.com live.demand.supply pagead2.googlesyndication.com
2	pre.glotgrx.com	mantodea.mantisadnetwork.com
2	s.amazon-adsystem.com	1 redirects r.casalemedia.com
2	eus.rubiconproject.com	g2.gumgum.com eus.rubiconproject.com
2	creativecdn.com	2 redirects
2	cs.emxdgt.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ad.360yield.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	us-u.openx.net	2 redirects
2	c1.adform.net	2 redirects
2	secure.adnxs.com	2 redirects
2	rtb-csync.smartadserver.com	ssbsync.smartadserver.com
2	pixel.yabidos.com	mantodea.mantisadnetwork.com pixel.yabidos.com
2	ce.lijit.com	2 redirects
2	pixel.rubiconproject.com	public.servenobid.com g2.gumgum.com
2	ssbsync.smartadserver.com	1 redirects public.servenobid.com
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	fonts.gstatic.com	fonts.googleapis.com
2	btlr.sharethrough.com	cdn4.buysellads.net
2	mantodea.mantisadnetwork.com	cdn4.buysellads.net
2	script.4dex.io	cdn4.buysellads.net script.4dex.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	token.rubiconproject.com	g2.gumgum.com
1	pixel-sync.sitescout.com	r.casalemedia.com
1	sync.extend.tv	1 redirects
1	dsum.casalemedia.com	r.casalemedia.com
1	dmp.brand-display.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	tg.socdm.com	1 redirects
1	sync.mathtag.com	1 redirects
1	bh.contextweb.com	1 redirects
1	stags.bluekai.com	1 redirects
1	match.deepintent.com	g2.gumgum.com
1	sync.technoratimedia.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	match.prod.bidr.io	g2.gumgum.com
1	cs.admanmedia.com	ssbsync.smartadserver.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ssp.disqus.com	1 redirects
1	prebid.a-mo.net	1 redirects
1	sync.go.sonobi.com	public.servenobid.com
1	p.rfihub.com	1 redirects
1	x.yieldlift.com	1 redirects
1	r.casalemedia.com	public.servenobid.com
1	ssum-sec.casalemedia.com	1 redirects
1	g2.gumgum.com	public.servenobid.com
1	acdn.adnxs.com	cdn4.buysellads.net
1	contextual.media.net	cdn4.buysellads.net
1	public.servenobid.com	cdn4.buysellads.net
1	u.openx.net	cdn4.buysellads.net
1	fonts.googleapis.com
1	id5-sync.com	cdn.id5-sync.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	hbopenbid.pubmatic.com	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	buysellads-d.openx.net	cdn4.buysellads.net
1	prebid.media.net	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	mp.4dex.io	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	androidmtk.com
1	www.googletagservices.com	cdn4.buysellads.net
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.googletagmanager.com	androidmtk.com
150	89

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
androiddatahost.com
feeds.feedburner.com
sulvo.com

Subject Issuer	Validity	Valid
androidmtk.com Starfield Secure Certificate Authority - G2	`2022-05-24` - `2023-05-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2022-03-21` - `2023-03-21`	a year	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2021-08-03` - `2022-09-03`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
cdn.id5-sync.com R3	`2022-06-22` - `2022-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-06-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
ads.servenobid.com Amazon	`2022-05-29` - `2023-06-27`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.mantisadnetwork.com Amazon	`2021-10-14` - `2022-11-11`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.servenobid.com Amazon	`2022-02-06` - `2023-03-07`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.gumgum.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2022-04-21` - `2023-05-23`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://androidmtk.com/lg-firmware-extract-tool
Frame ID: BF9B8E6B267BDC337758BC6753844B54
Requests: 81 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html
Frame ID: 5FE39855F1AAFB1397399F260E9CE41F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Frame ID: 22FAE8B961839B936827F66B3F6BCA94
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1658728986572
Frame ID: 03D14C0AFE3F301E19AADB52CE1DFC91
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 5AC9DDCB4825EA5BD4946F4D4E994CAF
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 2DEA28F93290AAE3434BDC018B3BD9A1
Requests: 13 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1658728986638&secure=true&version=9&uuid=af02ae5d-38c1-40fb-b40f-0107a516a90c&title=Download%20LG%20Firmware%20Extract%20Tool%20(.kdz%20.dz%20extract%20tool)&url=https%3A%2F%2Fandroidmtk.com%2Flg-firmware-extract-tool
Frame ID: DE7C6D0C1CDC072F50892DC1C401D7E4
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 294CC8A97E90C8C3A292B0A2374C2C3A
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=8128488
Frame ID: 5062B96090F00BF5E3F484FFE3A4A821
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 47E9AB613EF0155EE54CAD9DBFC1784C
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 9CA3E602AA211C50541E5813B50C4B2A
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 9A0844A96F7385C554C48862C92162F1
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: C8A969F07CC39EAE5446CC8B6107888A
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 5AE622C85EB66323239977F5A4F05AD0
Requests: 6 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 1DE21065769323770BB29704F550BA54
Requests: 10 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=8fcc62de-321e-4600-9ada-5fc76f13a6d2&gdpr=0&gdpr_consent=
Frame ID: 1656582599952A4C9410DE71B810D5A5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Yt4yHgABcvvSCwAK&gdpr=0&gdpr_consent=&_test=Yt4yHgABcvvSCwAK
Frame ID: 330C8A1A272AF1FE61699ECEE4480617
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80Mzg5MjAwMC03N2RkLTQzZjEtODQ4MS0xMmY4Mzg5ZWRhZDM=&gdpr=0&gdpr_consent=&google_tc=
Frame ID: 89BE036194927071735F14D29D352B96
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 86417645188B8B472753B0EE3A605164
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: CF76BD73F3B768E4D05484583B73A649
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&uid=4887541690117213452brt50801658728990146679f1
Frame ID: 1E343170EA1F3C48C3915CBA5C574D79
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Yt4yHsCo5s0AAIqH7ogAAAAA
Frame ID: E38FCE34A728C3155ADF3C2C0E52E0CD
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=6ppXcRtZLDbfWdRZoNTY&pi=gumgum&tc=1
Frame ID: 09F285B11DD169DFCB8E5615BA27B822
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 1A1CCB2DEB9259791450132256E1C915
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download LG Firmware Extract Tool (.kdz .dz extract tool)

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

150
Requests

81 %
HTTPS

18 %
IPv6

64
Domains

89
Subdomains

58
IPs

10
Countries

1341 kB
Transfer

3533 kB
Size

61
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?text=Download%20LG%20Firmware%20Extract%20Tool%20-%20https%3A%2F%2Fandroidmtk.com%2Flg-firmware-extract-tool%20%23android

Search URL Search Domain Scan URL

URL: https://www.facebook.com/share.php?u=https://androidmtk.com/lg-firmware-extract-tool

Search URL Search Domain Scan URL

URL: https://androiddatahost.com/n77yy
Title: LG_Firmware_Extract_v1.2.1.0.zip

Search URL Search Domain Scan URL

URL: https://androiddatahost.com/f3uzu
Title: LG_Firmware_Extract_v1.2.3.0.zip

Search URL Search Domain Scan URL

URL: https://androiddatahost.com/agyr5
Title: LG_Firmware_Extract_v1.2.5.0.zip

Search URL Search Domain Scan URL

URL: https://androiddatahost.com/8pqgs
Title: LG_Firmware_Extract_v1.2.6.1.zip

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/androidmtk

Search URL Search Domain Scan URL

URL: https://twitter.com/androidmtk

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://androidmtk.com/lg-firmware-extract-tool&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 93

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=4887541690117213452

Request Chain 94

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=FCHrtRZHvpAIpFvpTweyNc0S

Request Chain 96

https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiNDZlNzk4MDUtMDUzNy00Y2NmLTkzMDEtYjRlOTlmNGJhZDI0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNy0yNVQwNjowMzoxMC4yMjg2MjlaIn0=

Request Chain 97

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1658728989877 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8339348169

Request Chain 98

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5131077722052304941

Request Chain 100

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=99471318-277a-43f5-b3f6-3c4e9bf911f1&gdpr=0&gdpr_consent=&us_privacy=1YN-

Request Chain 101

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-3j..nalE2uFT_r4x4AV1o06xUn1Ufqsml6ay3Ww-~A

Request Chain 102

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://ads.servenobid.com/sync?pid=346&uid=778e9758-ed20-bec4-3141-bf25ed4d3746

Request Chain 103

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-3j..nalE2uFT_r4x4AV1o06xUn1Ufqsml6ay3Ww-~A

Request Chain 111

https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=03030001_62de321e25beb&knw= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_62de321e25beb&gdpr=0&gdpr_consent=

Request Chain 112

https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4887541690117213452&gdpr=0&gdpr_consent=

Request Chain 114

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=4887541690117213452

Request Chain 115

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_43892000-77dd-43f1-8481-12f8389edad3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_43892000-77dd-43f1-8481-12f8389edad3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=4286716817077151229&ssp=gumgum2 HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=64645efe-197f-470b-8434-e59b87da493d

Request Chain 116

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28cjmGW7XEn3hywHjVtpS7nuEhNuK0_XJxwzQjFAliboyNW78XLbIYVP6IX7gz9vEH%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28cjmGW7XEn3hywHjVtpS7nuEhNuK0_XJxwzQjFAliboyNW78XLbIYVP6IX7gz9vEH%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_43892000-77dd-43f1-8481-12f8389edad3&obuid=ENC(cjmGW7XEn3hywHjVtpS7nuEhNuK0_XJxwzQjFAliboyNW78XLbIYVP6IX7gz9vEH) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://x.bidswitch.net/sync?ssp=outbrain&user_id=cjmGW7XEn3hywHjVtpS7nuEhNuK0_XJxwzQjFAliboyNW78XLbIYVP6IX7gz9vEH HTTP 302
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=outbrain&gdpr=&gdpr_consent=

Request Chain 117

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=d274bea9-c5ad-40e1-a01c-910ef61b9ddd

Request Chain 118

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-7998408d-b96a-4113-5ef5-a40a6a8e6f10$ip$37.58.57.1

Request Chain 119

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-nAKLvF5E2pcMKrkTz4_YcUXkrv5kPuJ8RQNC~A

Request Chain 120

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=760c17f0-0bdf-11ed-bc57-97e675ec6313

Request Chain 121

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

Request Chain 123

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_43892000-77dd-43f1-8481-12f8389edad3&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=VLsVheWy-vEbIsf6NinZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VSMONLGQZKXPEWXMRLCJFZWMNSONFXFUJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VSMONLGQZKXPEWXMRLCJFZWMNSONFXFUJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=VLsVheWy-vEbIsf6NinZ&us_privacy=1---

Request Chain 124

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=b3de45f8-10c8-4f52-a413-3bb3d09980cb

Request Chain 125

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7245081698

Request Chain 126

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=HInZ3AJ8ZLBE&ev=1&pid=558355

Request Chain 127

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=4946848829712526122

Request Chain 129

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=8fcc62de-321e-4600-9ada-5fc76f13a6d2&gdpr=0&gdpr_consent=

Request Chain 130

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Yt4yHgABcvvSCwAK HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=Yt4yHgABcvvSCwAK&gdpr=0&gdpr_consent=&_test=Yt4yHgABcvvSCwAK

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80Mzg5MjAwMC03N2RkLTQzZjEtODQ4MS0xMmY4Mzg5ZWRhZDM=&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80Mzg5MjAwMC03N2RkLTQzZjEtODQ4MS0xMmY4Mzg5ZWRhZDM=&gdpr=0&gdpr_consent=&google_tc=

Request Chain 134

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=4887541690117213452&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID HTTP 302
https://usersync.gumgum.com/usersync?b=emx&uid=4887541690117213452brt50801658728990146679f1

Request Chain 135

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=Yt4yHsCo5s0AAIqH7ogAAAAA

Request Chain 136

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=6ppXcRtZLDbfWdRZoNTY&pi=gumgum&tc=1

Request Chain 137

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 140

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yt4yHeOqxxPUPVfqqZmVRgAABKUAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yt4yHeOqxxPUPVfqqZmVRgAABKUAAAIB&dcc=t

Request Chain 141

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yt4yHeOqxxPUPVfqqZmVRgAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Yt4yHeOqxxPUPVfqqZmVRgAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGjdUgZvvjRM3QjN9KMAHgA&google_cver=1&gdpr=1

Request Chain 142

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b32dfaae-4770-ca60-5f9a1042

Request Chain 143

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7280517c-f608-4d07-ac69-fd74147bc3a8

Request Chain 145

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

150 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request lg-firmware-extract-tool Show response
androidmtk.com/ 63 KB
25 KB 150ms
88ms Document
text/html 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://androidmtk.com/lg-firmware-extract-tool

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

2debda357ba18f68d849642dfa450680f23b3382ee41806b3d910efffacc0088

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 06:03:05 GMT
last-modified: Mon, 25 Jul 2022 03:21:16 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-sucuri-cache: MISS
x-sucuri-id: 19019
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 77ms
33ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-49440195-1

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b53fd6f830ab1a5e29609df77a03ca0e33bd03c1502fdfd632eb34a2ad4c2c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41762
x-xss-protection: 0
expires: Mon, 25 Jul 2022 06:03:05 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 135ms
50ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6779354300071897

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c09cbf81f03753d7cb52a4479242661d792e17938ba57d77372b0525eeff418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidmtk.com/
Origin: https://androidmtk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56709
x-xss-protection: 0
server: cafe
etag: 4039354682623150396
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 06:03:05 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 9 KB
5 KB 151ms
107ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c53b74b6a2fb530b4d0742a73c2a325e1b51211c889f499c627d025fb615c2ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id: 01G5W6H1RAKTHVHF4CBQ0FTGQ9
date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 848
cf-polished: origSize=9326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"002151f48bfcfdd9b58f194235c212c4-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7302b0be1dab921f-FRA
link: <https://live.demand.supply/impl.v15.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-3-0/YW5kcm9pZG10ay5jb20v>; rel=preload; as=script

GET
H2 200 lg-firmware-extract-tool.png
androidmtk.com/wp-content/uploads/ 7 KB
7 KB 53ms
50ms Image
image/png 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://androidmtk.com/wp-content/uploads/lg-firmware-extract-tool.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

761229c523160fe8d5d3fb1a904043918eb66c7c6ffebcbd5d7280f7fbbcf246

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/lg-firmware-extract-tool
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
last-modified: Thu, 07 Oct 2021 22:59:35 GMT
server: nginx
etag: W/"615f7bd7-1c61"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 19019
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block, 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
androidmtk.com/wp-content/plugins/q2w3-fixed-widget/js/ 19 KB
5 KB 17ms
14ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://androidmtk.com/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.1.0

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

ac102e5ac32bf9d04852bd46b1ed524a61e99ea7216b222f990a61ad937a7d25

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/lg-firmware-extract-tool
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
last-modified: Mon, 13 Jun 2022 16:56:01 GMT
server: nginx
etag: W/"62a76c21-4b52"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19019
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block, 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 androidmtk.js Show response
cdn4.buysellads.net/pub/ 622 KB
201 KB 102ms
18ms Script
application/javascript 94.31.29.32
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Requested by: Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 London, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 95b9a52e25b63bd15cddae44ad414eb77c60b2f07300648bc8776ef39810a013

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 05:33:01 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 1Z6BSR0YZCCCEK5D
etag: W/"3e52f5f44cbf21e08a7ca08520e9e269"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31104000
x-amz-id-2: LEMW6LOtEJ9hut3mJEk7Y7FWbJ2FgW7qJRObzxsm2b33dfQsbUnHaaP25F/8O7RgG+yt428KOdk=
expires: Thu, 20 Jul 2023 06:03:05 GMT

GET
DATA 200
OK truncated
/ 656 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 155c9af0f27f3742c031083e19fc9f49eaf456ca36b08503ca77262be14d51d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f163028487915d2362724581276315a30de18de25e9033627d10a5bdd4abe03e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 inter-latin-variable-wghtOnly-norma.woff2
androidmtk.com/static/ 37 KB
37 KB 19ms
19ms Font
font/woff2 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://androidmtk.com/static/inter-latin-variable-wghtOnly-norma.woff2

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://androidmtk.com/lg-firmware-extract-tool
Origin: https://androidmtk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
last-modified: Sat, 26 Mar 2022 11:04:45 GMT
server: nginx
etag: W/"623ef34d-9354"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: font/woff2
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19019
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block, 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 295 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 121851f1309529e1fd5f53c11b52fdd432161a019648f7b7e9d6f1c2a59efd77

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d015f0372f200235060d8f837007953c1e256eef7345d844458fb2443ef990c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 463 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83ed95482d7f3126b555efe2a06c4812af9f6df7d7ac26a809e8b4aecffa78d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pixelflasher-fi-80x57.png
androidmtk.com/wp-content/uploads/ 1 KB
2 KB 17ms
16ms Image
image/png 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://androidmtk.com/wp-content/uploads/pixelflasher-fi-80x57.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

6d223d7a692d32c260f1fbd09b4bc090c19a214d3934a7e02a61c8358d9163b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/lg-firmware-extract-tool
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
last-modified: Wed, 20 Jul 2022 04:13:18 GMT
server: nginx
etag: W/"62d780de-48d"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19019
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block, 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 apk-easy-tool-fi-80x57.png
androidmtk.com/wp-content/uploads/ 1 KB
1 KB 18ms
17ms Image
image/png 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://androidmtk.com/wp-content/uploads/apk-easy-tool-fi-80x57.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

7fb31a5109ed475ca69aa607e74dc8c5d121e50e7832b5bad1418efd4e7699bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/lg-firmware-extract-tool
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
last-modified: Sat, 07 May 2022 10:43:56 GMT
server: nginx
etag: W/"62764d6c-438"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19019
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block, 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 coolmuster-android-assistant-fi-80x57.png
androidmtk.com/wp-content/uploads/ 4 KB
5 KB 19ms
18ms Image
image/png 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://androidmtk.com/wp-content/uploads/coolmuster-android-assistant-fi-80x57.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

a7235a4bfe4fc44112cd4251eca419eb99a5a2e543557456d43e3e23e1fc8dfa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/lg-firmware-extract-tool
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
last-modified: Thu, 05 May 2022 10:18:59 GMT
server: nginx
etag: W/"6273a493-11d1"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19019
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block, 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 apk-icon-editor-fi-80x60.png
androidmtk.com/wp-content/uploads/ 2 KB
2 KB 19ms
19ms Image
image/png 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://androidmtk.com/wp-content/uploads/apk-icon-editor-fi-80x60.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

a07e73bdd25c1487f3eea35339867d704932429cd7c1fdf362423e08abc1e93a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/lg-firmware-extract-tool
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
last-modified: Mon, 02 May 2022 14:44:31 GMT
server: nginx
etag: W/"626fee4f-6ff"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19019
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block, 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 145ms
57ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49440195-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3665
date: Mon, 25 Jul 2022 05:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 25 Jul 2022 07:02:00 GMT

GET
H2 200 impl.v15.0.0.js Show response
live.demand.supply/ 77 KB
25 KB 33ms
24ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v15.0.0.js
Requested by: Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1ba233081200a5f9a126278eb189aa1c192b633751acee9cf57752f7018290a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id: 01G3GPPYJ7DTVFG43BZ1A6MNXB
date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 495622
cf-polished: origSize=79512
cf-ray: 7302b0bedeb2921f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"ea93311ccbec72ee77f7dffdd40e2da2-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H2 200 YW5kcm9pZG10ay5jb20v Show response
live.demand.supply/p4/v14-3-0/ 3 KB
996 B 81ms
72ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-3-0/YW5kcm9pZG10ay5jb20v
Requested by: Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1abfbaa1b77dba3975ce276d997a46123e224d85ff39eaae705d25626b5a1d15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7302b0bedeb4921f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
388 B 270ms
20ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=152&cs=c&dsReferer=aHR0cHM6Ly9hbmRyb2lkbXRrLmNvbS9sZy1maXJtd2FyZS1leHRyYWN0LXRvb2w=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id: 01G3GV2YDY73DC02Y3JKA054T1
date: Mon, 25 Jul 2022 06:03:05 GMT
cf-cache-status: HIT
age: 863393
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7302b0c06c239b25-FRA

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
55 KB 118ms
51ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d8a681267255be49e6df60cc423278e78c81bd9707b754a1d418f4d2a1028b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56709
x-xss-protection: 0
server: cafe
etag: 12175888336376399450
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 06:03:05 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 100ms
25ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

87d98c58214039d8317f6519c1441b13d920e83988a58cfc51ea5dbcbe7094e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28358
x-xss-protection: 0
server: sffe
etag: "1283 / 861 of 1000 / last-modified: 1658527520"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 25 Jul 2022 06:03:05 GMT

GET
H3 200 YW5kcm9pZG10ay5jb20vbGctZmlybXdhcmUtZXh0cmFjdC10b29s Show response
live.demand.supply/p4/v14-3-0/ 3 KB
1 KB 101ms
94ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-3-0/YW5kcm9pZG10ay5jb20vbGctZmlybXdhcmUtZXh0cmFjdC10b29s
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cb70eb8a8d93c610cee835680e114a485549f7b252788c343660f509fa39e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7302b0befa089b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ds.2.html Show response
live.demand.supply/ 413 B
328 B 328ms
22ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id: 01G4T44NNVATWZZTB0K7DX74N7
date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 2112262
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7302b0c0ccad9b25-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
38 KB 85ms
16ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 25 Jul 2022 05:39:38 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront), 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 20:51:38 GMT
server: AmazonS3
age: 1408
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA6-C1, FRA56-P6
content-encoding: gzip
x-amz-cf-id: B_DuLJ5bnO8DMTTyPsX1qSLpVCCEFY1NgWjEwQNSiSlr6-wW08MZfQ==

GET
H2 200 uamp.1.json Show response
live.demand.supply/ 8 KB
3 KB 410ms
105ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly9hbmRyb2lkbXRrLmNvbS9sZy1maXJtd2FyZS1leHRyYWN0LXRvb2w=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id: 01G5QKV7HTRT8EC2P2HAB6QQ67
date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
etag: W/"011e5e31e2a3f38b0144a3f8ebd2c638-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7302b0c0ccb49b25-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ 341 KB
120 KB 66ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6779354300071897&plah=androidmtk.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6779354300071897

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99dcc802592d9913a80b91fa639b9004541385c343f76abf3cd3f1be919b6f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123180
x-xss-protection: 0
server: cafe
etag: 2732265872908325353
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 06:03:05 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/ Frame 5FE3 10 KB
5 KB 102ms
22ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6779354300071897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51633
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 15:42:32 GMT
etag: 8616628553774171045
expires: Sun, 07 Aug 2022 15:42:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 116ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e8a4f91d8cc7113d9602d29610bf67af8eb280e2632697c94480e414fe39b6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28360
x-xss-protection: 0
server: sffe
etag: "1283 / 314 of 1000 / last-modified: 1658527563"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 25 Jul 2022 06:03:05 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
369 B 207ms
203ms Image
image/gif 94.31.29.32
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=7.818763079064735
Requested by: Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 London, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: VC20E2Y973MCCRNB
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: Gksq5kwLVkDL+/3wD0mVKGE++qA6IyoC7bj5lsicTDOeIKkRJzkLw6KrK0gXWnUoMzuEaIPo6LU=
expires: Thu, 20 Jul 2023 06:03:05 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
367 B 193ms
190ms Image
image/gif 94.31.29.32
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=7.818763079064735
Requested by: Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 London, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: VC25RVWQGHCG8XX6
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: cy5jMeib/p0K6/3ivr0/kX/12zHnZe7XldRysV0KDJiyRdZXZYjH0nPZagJ4NDa686zwkPTsP8g=
expires: Thu, 20 Jul 2023 06:03:05 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
74 B 337ms
20ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly9hbmRyb2lkbXRrLmNvbS9sZy1maXJtd2FyZS1leHRyYWN0LXRvb2w=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id: 01G5RDXJJHSGDXCPNSNE6Q3423
date: Mon, 25 Jul 2022 06:03:05 GMT
cf-cache-status: HIT
age: 1309641
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7302b0c1de0e9b25-FRA

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 386 B
743 B 9ms
9ms XHR
application/json 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fandroidmtk.com&pubid=66ef05f7-ad53-48f6-873a-ac7543370392
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: cf99cfb5ddd705ffb0ca32e221ab207947968503732683f40f6751a40baf1898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 00:32:49 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
server: Server
age: 19816
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://androidmtk.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
content-length: 386
x-amz-cf-id: HPMlFJwDeZplCNWCzEb3UvgpORK3Gid2HzXDmqcvVx7b3AL2GyxTxw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 34ms
9ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 76265
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 23:14:57 GMT
server: AmazonS3
date: Sun, 24 Jul 2022 08:52:00 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: tumk5yRyoXUJTEZrdWIoJHs_e9sYiDwJVUv5EC74I8FeNKiIzGbpUw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 45ms
45ms XHR
text/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fandroidmtk.com%2Flg-firmware-extract-tool&pid=a7NxESfH56GpS&cb=0&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22androidmtk.com_auto_728x90_sticky_display_bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-10.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: FNK834ZRNTSD9EZFMDN4
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://androidmtk.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: FPPJgeYLUee0gTIZARaeGkgcdWiJIKKr1ozBcF7Ie2JWi-AXstn2QQ==

GET
H2 200 androidmtk.com_auto_interstitial_desktop Show response
live.demand.supply/cpi/ 26 B
81 B 569ms
267ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cpi/androidmtk.com_auto_interstitial_desktop?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9hbmRyb2lkbXRrLmNvbS9sZy1maXJtd2FyZS1leHRyYWN0LXRvb2w=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1881dae6aa1793eabf98457aebc1e6323810ed63526e6634ed8a5f2e7a8afa2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7302b0c1fe4d9b25-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 24ms
21ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id: 01G5X9MEJA2ND5BDKK5JMD0E7S
date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1290230
etag: W/"16d586d96127e73f8750e4b067951d11-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7302b0c02b6e9b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 androidmtk.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 26 B
142 B 534ms
232ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/androidmtk.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9hbmRyb2lkbXRrLmNvbS9sZy1maXJtd2FyZS1leHRyYWN0LXRvb2w=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c65f3abade1a3d19cd5431994709a9281326871c0523984a9e04b0220e05e143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7302b0c20e4f9b25-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26

GET
H2 200 androidmtk.com_fluid_lb+sq_mtk_post Show response
live.demand.supply/cp/ 27 B
85 B 536ms
233ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/androidmtk.com_fluid_lb+sq_mtk_post?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9hbmRyb2lkbXRrLmNvbS9sZy1maXJtd2FyZS1leHRyYWN0LXRvb2w=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0a005bfa8389eda8a2bf8c1350bfd9c7f0d2d4bca970ba16915ce2c439f23c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7302b0c20e509b25-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27

GET
H3 200 pubads_impl_2022071901.js Show response
securepubads.g.doubleclick.net/gpt/ 376 KB
128 KB 48ms
15ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 04:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131527
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 08:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 25 Jul 2023 04:29:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 254 B
165 B 90ms
35ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=androidmtk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

f1583164547ac35e4412d03037278be4701a2727f4300f78d157a305235e24c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140
x-xss-protection: 0
expires: Mon, 25 Jul 2022 06:03:05 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 42 KB
12 KB 117ms
48ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/lg-firmware-extract-tool

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

09632fc32655b4266de845ac8d15dddc6bbc219993d570236608355e159e0ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 05:24:29 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: rbx1
content-disposition: attachment;filename="id5-api.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11761
x-request-id: 163774467

GET
H2 200 ca-pub-6779354300071897 Show response
fundingchoicesmessages.google.com/i/ 104 KB
36 KB 481ms
59ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6779354300071897?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6779354300071897&plah=androidmtk.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e960b2a590f56ef4f387973205d6d2ccb0e0f46e4b18c75353ca5c72f282e1f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oHKA9JYUqkE5ub2PYRofHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-oHKA9JYUqkE5ub2PYRofHw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-oHKA9JYUqkE5ub2PYRofHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-oHKA9JYUqkE5ub2PYRofHw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 75ms
25ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=684144066&t=pageview&_s=1&dl=https%3A%2F%2Fandroidmtk.com%2Flg-firmware-extract-tool&ul=en-us&de=UTF-8&dt=Download%20LG%20Firmware%20Extract%20Tool%20(.kdz%20.dz%20extract%20tool)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1320042459&gjid=125884868&cid=1190992647.1658728986&tid=UA-49440195-1&_gid=252135958.1658728986&_r=1&gtm=2ou7k0&z=1084208899

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://androidmtk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
328 B 337ms
34ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31533567.ip-162-19-138.eu
Software: /
Resource Hash: 927bee46c9c494dda2d19fdc9b195e4b1ee547a786b6131bdfd842746c8f368b

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://androidmtk.com
date: Mon, 25 Jul 2022 06:03:05 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 CEADL53I.json Show response
srv.buysellads.com/ads/ 931 B
666 B 161ms
31ms Fetch
application/json 178.62.198.146
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CEADL53I.json?forcebanner=459869&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.62.198.146 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-14.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: f4ed4a399498c9997be6dc3e1d7a18c2b4d89a063a314068db739d9457338aec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 Jul 2022 06:03:06 GMT
content-encoding: gzip
server: //srv.buysellads.com
content-length: 553
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
936 B 120ms
22ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1443794
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzktlQFsdueWIp1ytdvQLp8mE0Ia9QaYV5xtha9ZhIFO3xjQeK2sQjwS8aN4qEVtwlCcTnmH3LaN3NitOLzIrIybCC0KdCU4rrrhqkR3VoPPUsqsafQWpiuH%2BuTe9reezx5KuwMWkBlLfJwW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 7302b0c3c9ec9259-FRA

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
611 B 108ms
44ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 956fff8f655ec034c4c9b5ea6d09934ac0460bf6cf42f6e3c5b0e6697e71562d

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 7302b0c3c81391ed-FRA
pragma: no-cache
date: Mon, 25 Jul 2022 06:03:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://androidmtk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 712 B
1 KB 305ms
151ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fandroidmtk.com%2Flg-firmware-extract-tool&CanonicalUrl=https%3A%2F%2Fandroidmtk.com%2Flg-firmware-extract-tool&PublisherDomain=https%3A%2F%2Fandroidmtk.com

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

ff3313a1cd4ff13a2b2064cae80ad23117f15ae8381de9fe8ca31b832d3961b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:06 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://androidmtk.com
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 144
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 712
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
291 B 192ms
25ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: aeb2eb778ac5b2e53d183a580cf865d2a81989c06e8e239062abe92f9c5ea667

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Jul 2022 06:03:06 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://androidmtk.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 199ms
33ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a9691a0017c7c27693428112dd5001f&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 05fcc4a9e07bfcb89759334b07d0c41698d2ac60f2036797bee40451d6a13b06

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Jul 2022 06:03:06 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://androidmtk.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 193ms
27ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969544017c7c276e6e280b8d4d001c&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 3cf8b62db24277978593cf6bea1610e06eccc08405724bf678d3950819e8d78d

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Jul 2022 06:03:06 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://androidmtk.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 200ms
34ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691a0017c7c2769342812c4ac0020&pos=8a969d17017c7c2764ee28140f1d001b&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 458839e2731d5100b4b0cf21a39f2dc95840256e7d5daf193fde2e1bc8893011

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Jul 2022 06:03:06 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://androidmtk.com
access-control-allow-credentials: true
content-length: 62

POST
H2 200 adreq Show response
ads.servenobid.com/ 1009 B
719 B 406ms
258ms XHR
application/json 34.251.34.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=6425
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.34.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-34-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8e135e7de211ea21dd838640138d510b9bf19cdf36aeccd0ccfe6bd90590cdd1

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Jul 2022 06:03:06 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://androidmtk.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 93 B
742 B 211ms
103ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 160d660e72443d4a7d8200baf275376a46989c23c4a7596f2ac2154721c2d9a6

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 25 Jul 2022 06:03:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://androidmtk.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 96

GET
H2 200 display Show response
mantodea.mantisadnetwork.com/prebid/ 56 B
340 B 387ms
106ms XHR
application/javascript 54.146.39.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1658728986147&secure=true&version=9&title=Download%20LG%20Firmware%20Extract%20Tool%20(.kdz%20.dz%20extract%20tool)&url=https%3A%2F%2Fandroidmtk.com%2Flg-firmware-extract-tool&measurable=true&bids[0][bidId]=27be9585f9f7eec&bids[0][config][property]=618afd69e8dacc000faa1441&bids[0][config][zone]=androidmtk_S2S_LeftSidebar_Banner_ROS&bids[0][sizes][0][width]=300&bids[0][sizes][0][height]=250&bids[0][sizes][1][width]=300&bids[0][sizes][1][height]=600&bids[0][sizes][2][width]=160&bids[0][sizes][2][height]=600&bids[0][sizes][3][width]=120&bids[0][sizes][3][height]=600&bids[1][bidId]=281f1dcfb1e9d3c&bids[1][config][property]=618afd69e8dacc000faa1441&bids[1][config][zone]=androidmtk_S2S_InContent_Banner_ROS_POS2&bids[1][sizes][0][width]=300&bids[1][sizes][0][height]=250&bids[1][sizes][1][width]=336&bids[1][sizes][1][height]=280&bids[1][sizes][2][width]=728&bids[1][sizes][2][height]=90&bids[1][sizes][3][width]=468&bids[1][sizes][3][height]=60&bids[1][sizes][4][width]=250&bids[1][sizes][4][height]=250&property=618afd69e8dacc000faa1441&foo
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.39.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-39-184.compute-1.amazonaws.com
Software: / Express
Resource Hash: 7d44e5960e50212c5996ab9a12b47cfb8b019b5a26f6077ccc7de8e6ebf09809

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:06 GMT
x-powered-by: Express
etag: W/"38-8k0UZ1IG/0qJ5iGvIDWMZlUPWDg"
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://androidmtk.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 56
expires: -1

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
454 B 153ms
35ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f3a946a116a4f108ff7d03411595427e2743afcf9f6f535fcb411dbd9456002b

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:06 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://androidmtk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 arj Show response
buysellads-d.openx.net/w/1.0/ 73 B
379 B 191ms
38ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://buysellads-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fandroidmtk.com%2Flg-firmware-extract-tool&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ad8f0803-b915-41de-88ba-a087d8ba331b%2Cad8f0803-b915-41de-88ba-a087d8ba331b%2Cad8f0803-b915-41de-88ba-a087d8ba331b%2C3515522a-03a5-4e1f-9243-2adddaa71e89%2C3515522a-03a5-4e1f-9243-2adddaa71e89&nocache=1658728986154&schain=1.0%2C1!buysellads.com%2C13890%2C1%2C%2C%2C&aus=300x600%7C300x250%7C160x600%7C728x90%7C300x250&divids=bsa-zone_1629407672357-6_123456%2Cbsa-zone_1629407672357-6_123456%2Cbsa-zone_1629407672357-6_123456%2Cbsa-zone_1629407794229-8_123456%2Cbsa-zone_1629407794229-8_123456&aucs=%252F8691100%252Fandroidmtk_S2S_LeftSidebar_Banner_ROS%2523bsa-zone_1629407672357-6_123456%2C%252F8691100%252Fandroidmtk_S2S_LeftSidebar_Banner_ROS%2523bsa-zone_1629407672357-6_123456%2C%252F8691100%252Fandroidmtk_S2S_LeftSidebar_Banner_ROS%2523bsa-zone_1629407672357-6_123456%2C%252F8691100%252Fandroidmtk_S2S_InContent_Banner_ROS_POS2%2523bsa-zone_1629407794229-8_123456%2C%252F8691100%252Fandroidmtk_S2S_InContent_Banner_ROS_POS2%2523bsa-zone_1629407794229-8_123456&auid=541001002%2C541001001%2C541001003%2C541001000%2C541001001
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/485d39a /
Resource Hash: 227ce3ae565770cf34f8d2a0b84dacb46763002afbb6dfcd80d4f16f0d9776c1

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:06 GMT
content-encoding: gzip
server: OXGW/485d39a
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://androidmtk.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
113 B 189ms
39ms XHR
text/plain 52.59.116.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.116.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://androidmtk.com
date: Mon, 25 Jul 2022 06:03:06 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 188ms
47ms XHR
text/plain 52.59.116.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.116.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://androidmtk.com
date: Mon, 25 Jul 2022 06:03:06 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
312 B 191ms
50ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=5033471570

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Jul 2022 06:03:05 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://androidmtk.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 160ms
34ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://androidmtk.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 204ms
81ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://androidmtk.com
date: Mon, 25 Jul 2022 06:03:05 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 41 KB
15 KB 277ms
186ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2de23783fc533f3b32f9e94e02904a89da12effb076ec3637fa95ed7ed3ffce7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 25 Jul 2022 06:03:06 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.57.1; 37.58.57.1; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ffa4c253-c229-4c58-bde3-f37c64a389cf
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://androidmtk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
400 B 232ms
18ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=androidmtk.com_auto_728x90_sticky_display_bottom&pdc=0.3640381645538737&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9hbmRyb2lkbXRrLmNvbS9sZy1maXJtd2FyZS1leHRyYWN0LXRvb2w=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id: 01G3GV2YDY73DC02Y3JKA054T1
date: Mon, 25 Jul 2022 06:03:06 GMT
cf-cache-status: HIT
age: 863394
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7302b0c55ca26927-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 232ms
21ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=androidmtk.com_fluid_lb%2Bsq_mtk_post&pdc=0.30797765543701133&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9hbmRyb2lkbXRrLmNvbS9sZy1maXJtd2FyZS1leHRyYWN0LXRvb2w=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id: 01G3GV2YDY73DC02Y3JKA054T1
date: Mon, 25 Jul 2022 06:03:06 GMT
cf-cache-status: HIT
age: 863394
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7302b0c55ca66927-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 222ms
24ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=androidmtk.com_auto_interstitial_desktop&pdc=14.850390802652672&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9hbmRyb2lkbXRrLmNvbS9sZy1maXJtd2FyZS1leHRyYWN0LXRvb2w=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id: 01G3GV2YDY73DC02Y3JKA054T1
date: Mon, 25 Jul 2022 06:03:06 GMT
cf-cache-status: HIT
age: 863394
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7302b0c55ca46927-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 171ms
27ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-49440195-1&cid=1190992647.1658728986&jid=1320042459&gjid=125884868&_gid=252135958.1658728986&_u=YEBAAUAAAAAAAC~&z=2046931557

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 25 Jul 2022 06:03:06 GMT
content-type: text/plain
access-control-allow-origin: https://androidmtk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 74ms
50ms XHR
text/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fandroidmtk.com%2Flg-firmware-extract-tool&pid=a7NxESfH56GpS&cb=1&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22androidmtk.com_fluid_lb%2Bsq_mtk_post%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-10.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:06 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: A9N0QKBP6S83R42FE76W
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://androidmtk.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: HHK9K8WUbC-XZ9nt_ANDD5Kgk4DzxOdZXiY-jns6nlbcOPNlez3jng==

POST
H/1.1 200 1113.json Show response
id5-sync.com/g/v2/ 213 B
621 B 145ms
28ms XHR
application/json 141.95.98.71
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1113.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.71 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216577.ip-141-95-98.eu

Software

Resource Hash

0926862541cd4c5f25b513c405e3d724e923d3315f60749824758dad45752cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://androidmtk.com
date: Mon, 25 Jul 2022 06:03:05 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 134ms
25ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1442703
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx09062fca4814463dbb704-00629f4c42
x-amz-id-2: tx09062fca4814463dbb704-00629f4c42
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyEtVboiLByHcuN7idts5v1b%2FrSypkhfzYW607lJUUO4PJjP5R5%2FTcO4D%2B%2BE2DC4PBd71YxZUZoRKAnWl0eECtzk07ckRWKFXd3uggYm55nsnVi8ZGDlcZTVjmN1TrQq20UMrWS3QZ3BYLCt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 7302b0c51a569b9b-FRA
access-control-allow-headers: Authorization

GET
H3 200 AGSKWxWkJjhKeXtaLIFW6wTb298xBJS135ZYA6AK8Iud8xyIEpycadAecAqKCNO03Pa7MsV3eU1QwcLf0pST118hAO0= Show response
fundingchoicesmessages.google.com/f/ 276 KB
58 KB 138ms
103ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWkJjhKeXtaLIFW6wTb298xBJS135ZYA6AK8Iud8xyIEpycadAecAqKCNO03Pa7MsV3eU1QwcLf0pST118hAO0=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU4NzI4OTg2LDU1MjAwMDAwMF0sIjk4NkQ4NERFLTdFQjgtNDM0Mi05OTI4LTVFNDhCMUE5MkI3QSIsIjk4RDhFNjg5LTM5OUItNDNGOS04RDc4LTg1QUNCNTI4RjQyRCIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2FuZHJvaWRtdGsuY29tL2xnLWZpcm13YXJlLWV4dHJhY3QtdG9vbCIsbnVsbCxbXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.3S8GYbg0_YM.es5.O/d=1/rs=AJlcJMwBwLSxC88HtM27kcC_7fTO4x-97g/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1cdb51384fc4f0c2ec674d2a676b56264f56eed4744f8bac4548302c32bfd07b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-G9SF3xPMk7xsuuddRS5WMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-G9SF3xPMk7xsuuddRS5WMg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-G9SF3xPMk7xsuuddRS5WMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-G9SF3xPMk7xsuuddRS5WMg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 60 KB
4 KB 98ms
36ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.1cvISLppuG4.es5.O/d=1/rs=AJlcJMyRqBmQKJ00b7HLNtakf4M2TtJkTg/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05009765587cd8f46252ad40f4fa775e11ed75ad67f575d31956f92be981f0c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 06:03:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Jul 2022 06:03:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Jul 2022 06:03:06 GMT

POST
H3 204 AGSKWxWKupnLlkLMCJ1s1JDRUyftx6srnziShSY82qlJWqghyvGkgrAVb0bXAk7cV4x9yB8fc9qJivnpDfWUNixJoz6vwHOYxYfgbJuCs2w7Hkvhd8oTEHX9dHzn6muxZs-3QWqGJe5bbAaJ-eSgzJ9cEd4LtGSBw8CDitQczRMBoloeTHgCesk0s5KTlC7E Show response
fundingchoicesmessages.google.com/el/ 0
28 B 95ms
27ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWKupnLlkLMCJ1s1JDRUyftx6srnziShSY82qlJWqghyvGkgrAVb0bXAk7cV4x9yB8fc9qJivnpDfWUNixJoz6vwHOYxYfgbJuCs2w7Hkvhd8oTEHX9dHzn6muxZs-3QWqGJe5bbAaJ-eSgzJ9cEd4LtGSBw8CDitQczRMBoloeTHgCesk0s5KTlC7E?dmid=4d51f943b61ccb43

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2dr4G6AQo2bmXbVNq61G1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-2dr4G6AQo2bmXbVNq61G1g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Jul 2022 06:03:07 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://androidmtk.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2dr4G6AQo2bmXbVNq61G1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-2dr4G6AQo2bmXbVNq61G1g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v135/ 125 KB
126 KB 85ms
16ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v135/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ceee87b4f5030bcea1406c18ab6534743fd5f65a37fafd864cc47af46ba79bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://androidmtk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 08:01:49 GMT
x-content-type-options: nosniff
age: 338478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128504
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 18:44:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 08:01:49 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 109ms
60ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://androidmtk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 541858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 23:32:09 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 95ms
30ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:08 GMT
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 20:59:27 GMT
server: nginx
etag: W/"62c89aaf-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Jul 2022 06:03:08 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 54ms
20ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:08 GMT
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 20:59:27 GMT
server: nginx
etag: W/"62c89aaf-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Jul 2022 06:03:08 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 22FA 15 KB
6 KB 78ms
9ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=72785
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 06:03:09 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 26 Jul 2022 02:16:14 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 03D1 0
0 31ms
14ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1658728986572

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 5AC9 0
91 B 57ms
23ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/485d39a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 25 Jul 2022 06:03:09 GMT
server: OXGW/485d39a
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 2DEA 9 KB
4 KB 60ms
8ms Document
text/html 18.66.112.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 82e3811cdfceb32fce78d37685ff4189f3927def60304312c3519603939f0ba8

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70329
cache-control: max-age=172800
content-encoding: br
content-type: text/html
date: Sun, 24 Jul 2022 10:31:01 GMT
etag: W/"dded7396fbe6d087909057448e1ad0c8"
last-modified: Wed, 20 Jul 2022 18:44:58 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-id: -b8PWP2-tVjVkjtHsLScJdqnwagCXjEldIDTcpps30qASYtfp_9Jzg==
x-amz-cf-pop: FRA56-P5
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:37f5e49a-fa66-49da-8441-dd45098ed05e
x-amz-meta-codebuild-content-md5: b40e23c2c399349f8349f9ae9edec2ec
x-amz-meta-codebuild-content-sha256: 495aaab93a2848b45bf77774751801430fcd8a0741179b148bb54de4435f2b80
x-cache: Hit from cloudfront

GET
H2 200 iframe Show response
mantodea.mantisadnetwork.com/prebid/ Frame DE7C 259 B
499 B 108ms
100ms Document
text/html 54.146.39.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1658728986638&secure=true&version=9&uuid=af02ae5d-38c1-40fb-b40f-0107a516a90c&title=Download%20LG%20Firmware%20Extract%20Tool%20(.kdz%20.dz%20extract%20tool)&url=https%3A%2F%2Fandroidmtk.com%2Flg-firmware-extract-tool
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.39.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-39-184.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4dd3add41db8abc760b3080112cea48bfc819d5d4a44d69bb89d4a9665a21464

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: private, no-cache, no-store, must-revalidate
content-length: 259
content-type: text/html; charset=utf-8
date: Mon, 25 Jul 2022 06:03:09 GMT
etag: W/"103-6jP++ljDYfOQfXaSMv+KuqICA/Q"
expires: -1
pragma: no-cache
vary: Origin
x-powered-by: Express

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 294C 21 KB
8 KB 74ms
30ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

51f699f062d9be05d523300ac5fbc6ac10f6ea9cfb19d8830b093c2a55898315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=125873
content-encoding: gzip
content-length: 7825
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 06:03:09 GMT
expires: Tue, 26 Jul 2022 17:01:02 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 5062 0
0 18ms
16ms Document
text/plain 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=8128488
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Mon, 25 Jul 2022 06:03:09 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap7ams1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 47E9 52 KB
17 KB 46ms
9ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/androidmtk.js?1658728800000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 3234
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 25 Jul 2022 06:03:09 GMT
ETag: W/"623de86a-cf34"
Expires: Mon, 11 Jul 2022 04:38:47 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 26951
X-Served-By: cache-lga21950-LGA, cache-fra19183-FRA
X-Timer: S1658728990.751672,VS0,VE0

GET
H2 204 /
onetag-sys.com/usync/ 0
38 B 20ms
15ms Image
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-store

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9CA3 15 KB
6 KB 23ms
15ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=72785
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 06:03:09 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 26 Jul 2022 02:16:14 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 9A08 4 KB
2 KB 134ms
33ms Document
text/html 52.48.21.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.21.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-21-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 62eccd78e0d87a7ecf5dd7895c9e26cad111fe109ea355d275e0230fd3570363

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 25 Jul 2022 06:03:09 GMT
etag: W/"0c18457f1d2603b49c839e3c97659ff29"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame C8A9 0
0 22ms
18ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 5AE6 772 B
1022 B 115ms
23ms Document
text/html 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: d9072535eb75df61d1f25407ed1e62119004fb8a6be26c63861efb96a4946406

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 772
content-type: text/html
date: Mon, 25 Jul 2022 06:03:09 GMT

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 1DE2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
2 KB

92ms
44ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08757054e9cdfafff389bac4e51255b2ea6b4e733a4ee90919c0b13d9140d28e

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7302b0db2a72bbc7-FRA
content-encoding: br
content-type: text/html
date: Mon, 25 Jul 2022 06:03:09 GMT
dropped-udsids: 230|39|241|45|191|152|64|196
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ofmnuXaW8kaph9dLkrS38h59yNaNLXnCL4O5xq8%2Fna95qb5Etb55xmBTGavnLFUrqNPaet9i7Xy5q6P8mHzMJtkCa8%2FkhVBMFrSj5Ub4%2FGLwM4phpNF%2F974lL4Bx%2BRs1TT6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7302b0daba69993f-FRA
content-type: text/html; charset=iso-8859-1
date: Mon, 25 Jul 2022 06:03:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uL%2FNkI5guu9PLWYw1AcQVHw8jkP18rGnrvPPwie0hm32%2FWuKLTVDs8LuQvXTHId5312NcUEKfxM2i9OuR9S24xbnpxegvNk2JWotEWlBz7Va%2BhrsZ0gO7AO60e8mtsaXwHjk6MRCMlJtDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 2DEA 0
239 B 81ms
10ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H2

200

sync
ads.servenobid.com/ Frame 2DEA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=4887541690117213452

0
344 B

37ms
37ms

Image
image/avif

34.251.34.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=4887541690117213452
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.251.34.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-34-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:09 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:09 GMT
X-Proxy-Origin: 37.58.57.1; 37.58.57.1; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 28f0c656-d659-4072-880d-28fca946cefa
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&uid=4887541690117213452
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 2DEA
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=FCHrtRZHvpAIpFvpTweyNc0S

0
350 B

47ms
45ms

Image
image/avif

34.251.34.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=FCHrtRZHvpAIpFvpTweyNc0S
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.251.34.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-34-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:09 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:09 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=FCHrtRZHvpAIpFvpTweyNc0S
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 2DEA 0
277 B 27ms
21ms Image
text/plain 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Jul 2022 06:03:09 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

sync
ads.servenobid.com/ Frame 2DEA
Redirect Chain

https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiNDZlNzk4MDUtMDUzNy00Y2NmLTkzMDEtYjRlOTlmNGJhZDI0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNy0yNVQwNjowMzoxMC4yMjg2MjlaIn0=

0
432 B

31ms
29ms

Image
image/avif

34.251.34.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiNDZlNzk4MDUtMDUzNy00Y2NmLTkzMDEtYjRlOTlmNGJhZDI0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNy0yNVQwNjowMzoxMC4yMjg2MjlaIn0=
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.251.34.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-34-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:10 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiNDZlNzk4MDUtMDUzNy00Y2NmLTkzMDEtYjRlOTlmNGJhZDI0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNy0yNVQwNjowMzoxMC4yMjg2MjlaIn0=
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 2DEA
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1658728989877
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8339348169

70 B
264 B

58ms
39ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8339348169
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:09 GMT
etag: RX95176ab35c004be0b91f7ccafb0d0091003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8339348169
cache-control: no-store, no-cache, must-revalidate
content-type: text/html
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 2DEA
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5131077722052304941

0
343 B

62ms
54ms

Image
image/avif

34.251.34.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5131077722052304941
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.251.34.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-34-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:10 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5131077722052304941
Date: Mon, 25 Jul 2022 06:03:09 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 2DEA 0
474 B 91ms
12ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:09 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 2DEA
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=99471318-277a-43f5-b3f6-3c4e9bf911f1&gdpr=0&gdpr_consent=&us_privacy=1YN-

0
356 B

70ms
57ms

Image
image/avif

34.251.34.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=99471318-277a-43f5-b3f6-3c4e9bf911f1&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.251.34.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-34-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:09 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=99471318-277a-43f5-b3f6-3c4e9bf911f1&gdpr=0&gdpr_consent=&us_privacy=1YN-
date: Mon, 25 Jul 2022 06:03:09 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 2DEA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
https://ads.servenobid.com/sync?pid=337&uid=y-3j..nalE2uFT_r4x4AV1o06xUn1Ufqsml6ay3Ww-~A

0
365 B

49ms
47ms

Image
image/avif

34.251.34.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-3j..nalE2uFT_r4x4AV1o06xUn1Ufqsml6ay3Ww-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.251.34.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-34-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:09 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-3j..nalE2uFT_r4x4AV1o06xUn1Ufqsml6ay3Ww-~A
date: Mon, 25 Jul 2022 06:03:09 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
ads.servenobid.com/ Frame 2DEA
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://ads.servenobid.com/sync?pid=346&uid=778e9758-ed20-bec4-3141-bf25ed4d3746

0
356 B

30ms
29ms

Image
image/avif

34.251.34.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=346&uid=778e9758-ed20-bec4-3141-bf25ed4d3746
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.251.34.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-34-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:10 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=346&uid=778e9758-ed20-bec4-3141-bf25ed4d3746
pragma: no-cache
date: Mon, 25 Jul 2022 06:03:10 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 2DEA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ads.servenobid.com/sync?pid=339&uid=y-3j..nalE2uFT_r4x4AV1o06xUn1Ufqsml6ay3Ww-~A

0
365 B

44ms
41ms

Image
image/avif

34.251.34.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-3j..nalE2uFT_r4x4AV1o06xUn1Ufqsml6ay3Ww-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.251.34.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-34-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:09 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-3j..nalE2uFT_r4x4AV1o06xUn1Ufqsml6ay3Ww-~A
date: Mon, 25 Jul 2022 06:03:09 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame DE7C 2 KB
1 KB 45ms
12ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=androidmtk.com
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1658728986638&secure=true&version=9&uuid=af02ae5d-38c1-40fb-b40f-0107a516a90c&title=Download%20LG%20Firmware%20Extract%20Tool%20(.kdz%20.dz%20extract%20tool)&url=https%3A%2F%2Fandroidmtk.com%2Flg-firmware-extract-tool
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Jul 2022 04:32:33 GMT
server: cloudflare
age: 906
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7302b0dafe0f9bd4-FRA
content-length: 1168
expires: Mon, 25 Jul 2022 08:03:09 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DE7C 70 B
265 B 111ms
38ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1658728986638&secure=true&version=9&uuid=af02ae5d-38c1-40fb-b40f-0107a516a90c&title=Download%20LG%20Firmware%20Extract%20Tool%20(.kdz%20.dz%20extract%20tool)&url=https%3A%2F%2Fandroidmtk.com%2Flg-firmware-extract-tool
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 47E9 0
737 B 9ms
7ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:09 GMT
X-Proxy-Origin: 37.58.57.1; 37.58.57.1; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4cbaa4d3-04c9-496f-abb1-9a6840d8c092
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 22FA 0
42 B 123ms
20ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54357364&p=161102&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:08 GMT
content-length: 0

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame DE7C 31 KB
24 KB 57ms
14ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1658728989936&ver1=2.2.3&qid=83233313f553333313f513430313&rnd=c76dyu3k2ogh&cid=1041
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=androidmtk.com
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Jul 2022 04:32:33 GMT
server: cloudflare
age: 2278
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7302b0db9ed29bd4-FRA
content-length: 24217
expires: Mon, 25 Jul 2022 08:03:10 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame 5AE6 0
344 B 94ms
51ms Image
image/avif 34.251.34.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=4946848829712526122&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.34.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-34-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:10 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5AE6 70 B
264 B 100ms
58ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 5AE6
Redirect Chain

https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_62de321e25beb&gdpr=0&gdpr_consent=

43 B
411 B

75ms
19ms

Image
image/gif

185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_62de321e25beb&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:09 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date: Mon, 25 Jul 2022 06:03:10 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_62de321e25beb&gdpr=0&gdpr_consent=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 5AE6
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4887541690117213452&gdpr=0&gdpr_consent=

43 B
408 B

110ms
18ms

Image
image/gif

185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4887541690117213452&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:09 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
X-Proxy-Origin: 37.58.57.1; 37.58.57.1; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: cf416d71-2480-45d9-8576-fd81edb9ff6c
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4887541690117213452&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content smartadserver
cs.admanmedia.com/sync/ Frame 5AE6 0
225 B 326ms
108ms Image
text/plain 88.214.206.247
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=

Requested by

Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.214.206.247 , United Kingdom, ASN46636 (NATCOWEB, US),

Reverse DNS

buycheapfags.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Mon, 25 Jul 2022 06:03:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Content-Type: text/plain

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9A08
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=4887541690117213452

35 B
250 B

156ms
33ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=4887541690117213452
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
X-Proxy-Origin: 37.58.57.1; 37.58.57.1; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4bb99aed-cb01-45eb-b3b2-b7a658e215d4
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://usersync.gumgum.com/usersync?b=apn&i=4887541690117213452
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9A08
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_43892000-77dd-43f1-8481-12f8389edad3&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_43892000-77dd-43f1-8481-12f8389edad3&gdpr=0&gdpr_consent=&us_privacy=1---
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2
https://x.bidswitch.net/sync?dsp_id=70&user_id=4286716817077151229&ssp=gumgum2
https://usersync.gumgum.com/usersync?b=bsw&i=64645efe-197f-470b-8434-e59b87da493d

35 B
250 B

33ms
30ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=64645efe-197f-470b-8434-e59b87da493d
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: //usersync.gumgum.com/usersync?b=bsw&i=64645efe-197f-470b-8434-e59b87da493d
Date: Mon, 25 Jul 2022 06:03:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bidswitch
match.prod.bidr.io/cookie-sync/ Frame 9A08
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28cjmGW7XEn3hywHjVtpS7nuEhNuK0_XJxwzQjFAliboyNW78XLbIYVP6IX7gz9vEH%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_43892000-77dd-43f1-8481-12f8389edad3&obuid=ENC(cjmGW7XEn3hywHjVtpS7nuEhNuK0_XJxwzQjFAliboyNW78XLbIYVP6IX7gz9vEH)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://x.bidswitch.net/sync?ssp=outbrain&user_id=cjmGW7XEn3hywHjVtpS7nuEhNuK0_XJxwzQjFAliboyNW78XLbIYVP6IX7gz9vEH
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=outbrain&gdpr=&gdpr_consent=

43 B
430 B

133ms
30ms

Image
image/gif

52.50.170.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=outbrain&gdpr=&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

HTTP/1.1

Server

52.50.170.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-170-21.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:11 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=outbrain&gdpr=&gdpr_consent=
Date: Mon, 25 Jul 2022 06:03:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9A08
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=d274bea9-c5ad-40e1-a01c-910ef61b9ddd

35 B
250 B

112ms
33ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=d274bea9-c5ad-40e1-a01c-910ef61b9ddd
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 25 Jul 2022 06:03:10 GMT
content-encoding: gzip
server: OXGW/485d39a
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usersync.gumgum.com/usersync?b=opx&i=d274bea9-c5ad-40e1-a01c-910ef61b9ddd
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9A08
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-7998408d-b96a-4113-5ef5-a40a6a8e6f10$ip$37.58.57.1

35 B
250 B

33ms
33ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-7998408d-b96a-4113-5ef5-a40a6a8e6f10$ip$37.58.57.1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7998408d-b96a-4113-5ef5-a40a6a8e6f10$ip$37.58.57.1
Date: Mon, 25 Jul 2022 06:03:10 GMT
Connection: keep-alive
Content-Length: 124
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9A08
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-nAKLvF5E2pcMKrkTz4_YcUXkrv5kPuJ8RQNC~A

35 B
250 B

142ms
33ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-nAKLvF5E2pcMKrkTz4_YcUXkrv5kPuJ8RQNC~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 25 Jul 2022 06:03:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://usersync.gumgum.com/usersync?b=oth&i=y-nAKLvF5E2pcMKrkTz4_YcUXkrv5kPuJ8RQNC~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9A08
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=760c17f0-0bdf-11ed-bc57-97e675ec6313

35 B
250 B

29ms
28ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=760c17f0-0bdf-11ed-bc57-97e675ec6313
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=760c17f0-0bdf-11ed-bc57-97e675ec6313
Date: Mon, 25 Jul 2022 06:03:09 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 760c17f1-0bdf-11ed-bc57-97e675ec6313

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9A08
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

35 B
250 B

37ms
37ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 25 Jul 2022 06:03:10 GMT
via: 1.1 varnish
server: nginx
age: 0
location: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 466294283
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true
content-length: 0

GET
H2 200 142
match.deepintent.com/usersync/ Frame 9A08 0
44 B 374ms
93ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:09 GMT
content-length: 0
server: a

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9A08
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_43892000-77dd-43f1-8481-12f8389edad3&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=VLsVheWy-vEbIsf6NinZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VSMONLGQZKXPEWXMRLCJFZWMNSONFXFU...
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=VLsVheWy-vEbIsf6NinZ&us_privacy=1---

35 B
250 B

33ms
33ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=VLsVheWy-vEbIsf6NinZ&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
P3p: CP="We do not support P3P header."
Location: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=VLsVheWy-vEbIsf6NinZ&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9A08
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=b3de45f8-10c8-4f52-a413-3bb3d09980cb

35 B
250 B

34ms
34ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=b3de45f8-10c8-4f52-a413-3bb3d09980cb
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=b3de45f8-10c8-4f52-a413-3bb3d09980cb
date: Mon, 25 Jul 2022 06:03:10 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 9A08
Redirect Chain

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7245081698

70 B
264 B

63ms
25ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7245081698
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:10 GMT
etag: RX95176ab35c004be0b91f7ccafb0d0091003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7245081698
cache-control: no-store, no-cache, must-revalidate
content-type: text/html
expires: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9A08
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=HInZ3AJ8ZLBE&ev=1&pid=558355

35 B
250 B

33ms
32ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=HInZ3AJ8ZLBE&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=HInZ3AJ8ZLBE&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6886c85865-vswdx
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9A08
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=4946848829712526122

35 B
250 B

28ms
28ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=4946848829712526122
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=4946848829712526122
date: Mon, 25 Jul 2022 06:03:09 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 9A08 0
357 B 218ms
207ms Image
image/avif 34.251.34.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_43892000-77dd-43f1-8481-12f8389edad3
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.34.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-34-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:10 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 1656
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=8fcc62de-321e-4600-9ada-5fc76f13a6d2&gdpr=0&gdpr_consent=

35 B
250 B

156ms
32ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=8fcc62de-321e-4600-9ada-5fc76f13a6d2&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 25 Jul 2022 06:03:10 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Mon, 25 Jul 2022 06:03:10 GMT
Expires: Mon, 25 Jul 2022 06:03:09 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4475 c1dc35a master cdg-pixel-x7 config:1.0.0
location: https://usersync.gumgum.com/usersync?b=mmh&i=8fcc62de-321e-4600-9ada-5fc76f13a6d2&gdpr=0&gdpr_consent=

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 330C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Yt4yHgABcvvSCwAK
https://usersync.gumgum.com/usersync?b=atm&i=Yt4yHgABcvvSCwAK&gdpr=0&gdpr_consent=&_test=Yt4yHgABcvvSCwAK

35 B
250 B

74ms
28ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=Yt4yHgABcvvSCwAK&gdpr=0&gdpr_consent=&_test=Yt4yHgABcvvSCwAK
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 25 Jul 2022 06:03:10 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Mon, 25 Jul 2022 06:03:10 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=Yt4yHgABcvvSCwAK&gdpr=0&gdpr_consent=&_test=Yt4yHgABcvvSCwAK
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra19160-FRA
x-timer: S1658728990.227674,VS0,VE0

GET
H3

200

pixel Show response
cm.g.doubleclick.net/ Frame 89BE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80Mzg5MjAwMC03N2RkLTQzZjEtODQ4MS0xMmY4Mzg5ZWRhZDM=&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80Mzg5MjAwMC03N2RkLTQzZjEtODQ4MS0xMmY4Mzg5ZWRhZDM=&gdpr=0&gdpr_consent=&google_tc=

170 B
188 B

68ms
24ms

Document
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80Mzg5MjAwMC03N2RkLTQzZjEtODQ4MS0xMmY4Mzg5ZWRhZDM=&gdpr=0&gdpr_consent=&google_tc=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 06:03:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 364
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 06:03:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80Mzg5MjAwMC03N2RkLTQzZjEtODQ4MS0xMmY4Mzg5ZWRhZDM=&gdpr=0&gdpr_consent=&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8641 15 KB
6 KB 27ms
8ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=72784
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 06:03:10 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 26 Jul 2022 02:16:14 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame CF76 70 B
264 B 76ms
59ms Document
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 25 Jul 2022 06:03:10 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 1E34
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID
https://cs.emxdgt.com/umcheck?apnxid=4887541690117213452&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID
https://usersync.gumgum.com/usersync?b=emx&uid=4887541690117213452brt50801658728990146679f1

35 B
250 B

120ms
33ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=emx&uid=4887541690117213452brt50801658728990146679f1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 25 Jul 2022 06:03:10 GMT
Expires: 0
Pragma: no-cache

Redirect headers

content-length: 0
content-type: text/html
date: Mon, 25 Jul 2022 06:03:09 GMT
location: https://usersync.gumgum.com/usersync?b=emx&uid=4887541690117213452brt50801658728990146679f1

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame E38F
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=Yt4yHsCo5s0AAIqH7ogAAAAA

35 B
250 B

35ms
35ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=Yt4yHsCo5s0AAIqH7ogAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 25 Jul 2022 06:03:11 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Mon, 25 Jul 2022 06:03:11 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=Yt4yHsCo5s0AAIqH7ogAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 131
X-SO-Cluster-ID: 55
X-SO-HostName: m-ad311.dc4p.scaleout.jp
X-SO-IP: 37.58.57.1
X-SO-Key: Yt4yHsCo5s0AAIqH7ogAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":55,"gdpr":true,"ipv4":"0.0.0.0","key":"Yt4yHsCo5s0AAIqH7ogAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad311"}
X-SO-LB-Hostname: a-tgng40009.dc2p.scaleout.jp
X-SO-Upstream-ID: m-ad311

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 09F2
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=6ppXcRtZLDbfWdRZoNTY&pi=gumgum&tc=1

35 B
250 B

105ms
29ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=6ppXcRtZLDbfWdRZoNTY&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 25 Jul 2022 06:03:10 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Mon, 25 Jul 2022 06:03:10 GMT Mon, 25 Jul 2022 06:03:10 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=6ppXcRtZLDbfWdRZoNTY&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1A1C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

48ms
7ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Jul 2022 06:03:10 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 25 Jul 2022 06:03:10 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 1DE2 170 B
243 B 160ms
34ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yt4yHeOqxxPUPVfqqZmVRgAABKUAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1DE2 70 B
264 B 56ms
53ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1DE2
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yt4yHeOqxxPUPVfqqZmVRgAABKUAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yt4yHeOqxxPUPVfqqZmVRgAABKUAAAIB&dcc=t

43 B
645 B

105ms
105ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yt4yHeOqxxPUPVfqqZmVRgAABKUAAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3N073TM260KENXG91YMX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SZ42R869MF49T2159QTM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yt4yHeOqxxPUPVfqqZmVRgAABKUAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 1DE2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yt4yHeOqxxPUPVfqqZmVRgAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Yt4yHeOqxxPUPVfqqZmVRgAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGjdUgZvvjRM3QjN9KMAHgA&google_cver=1&gdpr=1

43 B
913 B

29ms
29ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGjdUgZvvjRM3QjN9KMAHgA&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7302b0dd2e2b929c-FRA
pragma: no-cache
date: Mon, 25 Jul 2022 06:03:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfEA9uCH31A4k9onJHqSu7msUmHuxN%2FS7rDNT22%2BW%2FcMBw6hqvY91nIPJOLNC%2FxJEdAHUgf4WuztplAllvMRrMYmKvDxOFi5UXGte8nA2%2BKh%2FfzdpFGIpKMk6d1kvmguDrahuWKsSkOfgg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGjdUgZvvjRM3QjN9KMAHgA&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

crum
dsum.casalemedia.com/ Frame 1DE2
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b32dfaae-4770-ca60-5f9a1042

43 B
946 B

67ms
24ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b32dfaae-4770-ca60-5f9a1042
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7302b0dd69959b2e-FRA
pragma: no-cache
date: Mon, 25 Jul 2022 06:03:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UcLlqXdzriXWpvuNOEADMf1F9ioolNJAO%2BXf1pYrumEtfW42OfHiNHnhGXxgOPZQ5GZm%2Ftp2dytCaMTvgoaOmgdFZitJ1B%2B3jwh50tBk7AnVK9v%2Fw1FFeKD5epz%2FW2BeebdkIR0"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Mon, 25 Jul 2022 06:03:10 GMT
via: 1.1 google
server: nginx/1.22.0
access-control-allow-origin: *
p3p: CP='This is not a P3P policy!'
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b32dfaae-4770-ca60-5f9a1042
cache-control: max-age=3600
content-type: text/html; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 1DE2
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7280517c-f608-4d07-ac69-fd74147bc3a8

43 B
915 B

25ms
24ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7280517c-f608-4d07-ac69-fd74147bc3a8
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7302b0de9f58929c-FRA
pragma: no-cache
date: Mon, 25 Jul 2022 06:03:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8QLJdpKyCk8CB4R5HjVbHtklZjkqWQ7j4XJOuB6Y%2B%2FyYfuX%2B1zoVdw4f%2BGU9BQbLa9rRMRNFl8JMx3B%2FzJujeQM9oOpLWnAhhYW3cr4Q96JJVKAew%2F5elBvIo3vSvzaWu2Y5qXz2bM3Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 06:03:10 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7280517c-f608-4d07-ac69-fd74147bc3a8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1DE2 0
191 B 151ms
26ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 06:03:10 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 1DE2
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
945 B

57ms
32ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7302b0dcede6929c-FRA
pragma: no-cache
date: Mon, 25 Jul 2022 06:03:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9EdVjCxh5EpG%2FByU53P9P9rVZmk0QAPGXZbdJjoYZsmOn7BnuCH8EFCCRy1v4amgTPdEH2aS4tGu3mf%2BEIVt%2F9l13OLjOfjSq7lObbpMkQEecCIr99vQdF2CVm8TJe0Qqf6E18Z4Gs5uxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Mon, 25 Jul 2022 06:03:10 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2 200 sync
ads.servenobid.com/ Frame 1DE2 0
357 B 928ms
927ms Image
image/avif 34.251.34.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=Yt4yHeOqxxPUPVfqqZmVRgAABKUAAAIB
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.34.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-34-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:10 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame DE7C 26 B
304 B 49ms
18ms Image
image/gif 2606:4700::6810:79c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1658728990137&rnd=c76dyu3k2ogh&ifm=1&uai=1&cid=1041&s=androidmtk.com&p=undefined&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1658728986638&secure=true&version=9&uuid=af02ae5d-38c1-40fb-b40f-0107a516a90c&title=Download%20LG%20Firmware%20Extract%20Tool%20(.kdz%20.dz%20extract%20tool)&url=https%3A%2F%2Fandroidmtk.com%2Flg-firmware-extract-tool
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:10 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Jul 2022 04:32:25 GMT
server: cloudflare
age: 450
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7302b0dcbcb59bb2-FRA
content-length: 26
expires: Mon, 25 Jul 2022 08:03:10 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame DE7C 26 B
88 B 49ms
18ms Image
image/gif 2606:4700::6810:79c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1658728990104799&ver=1.2r81&qid=83233313f553333313f513430313&p=undefined&s=androidmtk.com&x=&cid=1041&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=c76dyu3k2ogh&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&1=6e17c7e6c7e27084bd785b066e2c005e&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1041&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=27&icp=https%253A//androidmtk.com/&irfl=27&irf=https%253A//androidmtk.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-14-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=47
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1658728986638&secure=true&version=9&uuid=af02ae5d-38c1-40fb-b40f-0107a516a90c&title=Download%20LG%20Firmware%20Extract%20Tool%20(.kdz%20.dz%20extract%20tool)&url=https%3A%2F%2Fandroidmtk.com%2Flg-firmware-extract-tool
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:03:10 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Jul 2022 04:32:25 GMT
server: cloudflare
age: 455
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7302b0dcbcb69bb2-FRA
content-length: 26
expires: Mon, 25 Jul 2022 08:03:10 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1A1C 31 KB
10 KB 10ms
8ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Mon, 25 Jul 2022 06:03:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=10483
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9450
Expires: Mon, 25 Jul 2022 08:57:53 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1A1C 284 B
536 B 47ms
10ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 1A1C 0
239 B 16ms
11ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 28ms
27ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=androidmtk.com_fluid_lb%2Bsq_mtk_post&e=ufp&dsReferer=aHR0cHM6Ly9hbmRyb2lkbXRrLmNvbS9sZy1maXJtd2FyZS1leHRyYWN0LXRvb2w=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id: 01G3GV2YDY73DC02Y3JKA054T1
date: Mon, 25 Jul 2022 06:03:11 GMT
cf-cache-status: HIT
age: 863399
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7302b0e55bd16927-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
364 B 15ms
15ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=androidmtk.com_auto_728x90_sticky_display_bottom&e=ufp&dsReferer=aHR0cHM6Ly9hbmRyb2lkbXRrLmNvbS9sZy1maXJtd2FyZS1leHRyYWN0LXRvb2w=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id: 01G3GV2YDY73DC02Y3JKA054T1
date: Mon, 25 Jul 2022 06:03:11 GMT
cf-cache-status: HIT
age: 863399
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7302b0e55bd26927-FRA

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-20 22:16:40	Name: demandSupplyTi Value: e64bd91b-86fa-4780-acde-bfdca20fcae5
.androidmtk.com/	1970-01-20 22:16:40	Name: _ga Value: GA1.2.1190992647.1658728986
.androidmtk.com/	1970-01-20 04:46:55	Name: _gid Value: GA1.2.252135958.1658728986
.androidmtk.com/	1970-01-20 04:45:29	Name: _gat_gtag_UA_49440195_1 Value: 1
.adnxs.com/	1970-01-20 06:55:04	Name: icu Value: ChgIvahBEAoYASABKAEwmuT4lgY4AUABSAEQmuT4lgYYAA..
.adnxs.com/	1970-01-20 06:55:04	Name: uuid2 Value: 4887541690117213452
.lijit.com/	1970-01-20 13:31:04	Name: ljt_reader Value: FCHrtRZHvpAIpFvpTweyNc0S
.yahoo.com/	1970-01-20 13:31:26	Name: A3 Value: d=AQABBB0y3mICEA6GRzv5kNTygz2JX74PdAwFEgEBAQGD32LoYgAAAAAA_eMAAA&S=AQAAAjnqE1_60pD3QxzqComwWTc
.servenobid.com/	1970-01-20 04:55:33	Name: pid_312 Value: 4887541690117213452
.casalemedia.com/	1970-01-20 13:31:04	Name: CMID Value: Yt4yHeOqxxPUPVfqqZmVRgAA
.casalemedia.com/	1970-01-20 06:55:04	Name: CMPS Value: 1124
.ads.pubmatic.com/	1970-01-20 04:46:55	Name: KCCH Value: YES
.analytics.yahoo.com/	1970-01-20 13:31:04	Name: IDSYNC Value: 196n~267i
.lijit.com/	1970-01-20 13:31:04	Name: _ljtrtb_273657 Value: 273657
.smartadserver.com/	1970-01-20 14:15:43	Name: pid Value: 4946848829712526122
.gumgum.com/	1970-01-20 13:31:04	Name: vst Value: e_43892000-77dd-43f1-8481-12f8389edad3
.servenobid.com/	1970-01-20 04:55:33	Name: pid_339 Value: y-3j..nalE2uFT_r4x4AV1o06xUn1Ufqsml6ay3Ww-~A
.servenobid.com/	1970-01-20 04:55:33	Name: pid_310 Value: FCHrtRZHvpAIpFvpTweyNc0S
.servenobid.com/	1970-01-20 04:55:33	Name: pid_337 Value: y-3j..nalE2uFT_r4x4AV1o06xUn1Ufqsml6ay3Ww-~A
.servenobid.com/	1970-01-20 04:55:33	Name: pid_327 Value: 99471318-277a-43f5-b3f6-3c4e9bf911f1
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjQwNzc3MjIwNTI2MLE0MRTiM9TNLw1ycXR2zY_IKfMGAC6BqpslAAAA
.rfihub.com/	1970-01-20 14:07:04	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjQwNzc3MjIwNTI2MLE0MRTiM9TNLw1ycXR2zY_IKfMGAC6BqpslAAAA
.rfihub.com/	1970-01-20 14:07:04	Name: eud Value: H4sIAAAAAAAA_zslzmtoZmphbmRhaWFpaWoCAJ5g_IAQAAAA
.casalemedia.com/	1970-01-20 06:55:04	Name: CMPRO Value: 1189
.casalemedia.com/	1970-01-20 04:46:55	Name: CMST Value: Yt4yHWLeMh0A
.casalemedia.com/	1970-01-20 13:31:04	Name: CMRUM3 Value: f162de321d05a0&4062de321d05a0&e662de321d2760&9862de321d05a00&c462de321d05a0&bf62de321d05a0&2d62de321d05a0&2762de321d0b40
.1rx.io/	1970-01-20 13:31:04	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-95176ab3-5c00-4be0-b91f-7ccafb0d0091-003%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.servenobid.com/	1970-01-20 04:55:33	Name: pid_317 Value: 4946848829712526122
.servenobid.com/	1970-01-20 04:55:33	Name: pid_324 Value: 5131077722052304941
.mathtag.com/	1970-01-20 14:11:24	Name: uuid Value: 8fcc62de-321e-4600-9ada-5fc76f13a6d2
.openx.net/	1970-01-20 13:31:04	Name: i Value: f6e52580-443f-4740-9db1-490b5a6caf66\|1658728990
.bidswitch.net/	1970-01-20 13:31:04	Name: tuuid Value: 64645efe-197f-470b-8434-e59b87da493d
.bidswitch.net/	1970-01-20 13:31:04	Name: c Value: 1658728990
.bidswitch.net/	1970-01-20 13:31:04	Name: tuuid_lu Value: 1658728990
.emxdgt.com/	1970-01-20 05:28:40	Name: euid Value: 50801658728990146679f1
.creativecdn.com/	1970-01-20 13:31:04	Name: u Value: 6ppXcRtZLDbfWdRZoNTY
.creativecdn.com/	1970-01-20 13:31:04	Name: ts Value: 1658728990
.dyntrk.com/	1970-01-20 13:31:04	Name: dyn_u Value: 03030001_62de321e25beb
.emxdgt.com/	1970-01-20 05:28:40	Name: eapn_id Value: 4887541690117213452
.everesttech.net/	1970-01-20 13:31:04	Name: everest_g_v2 Value: g_surferid~Yt4yHgABcvvSCwAK
.servenobid.com/	1970-01-20 04:55:33	Name: pid_309 Value: e_43892000-77dd-43f1-8481-12f8389edad3
.doubleclick.net/	1970-01-20 14:07:04	Name: IDE Value: AHWqTUkrgQexKmQXNVMk0N7-TS7XR2343oD5o5iftbyqP9iqn9uJf1NCn7PV_QrUKgY
.brand-display.com/	1970-01-20 22:16:40	Name: _knxq_ Value: b32dfaae-4770-ca60-5f9a1042.1658728990.0.1658728990.1658728990
.adform.net/	1970-01-20 05:30:07	Name: C Value: 1
.smartadserver.com/	1970-01-20 13:31:04	Name: csync Value: 69:03030001_62de321e25beb
.adform.net/	1970-01-20 06:11:41	Name: uid Value: 4286716817077151229
.yieldlift.com/	1970-01-20 13:31:04	Name: xuids Value: eyJ4dWlkIjoiNDZlNzk4MDUtMDUzNy00Y2NmLTkzMDEtYjRlOTlmNGJhZDI0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNy0yNVQwNjowMzoxMC4yMjg2MjlaIn0=
.servenobid.com/	1970-01-20 04:55:33	Name: pid_314 Value: eyJ4dWlkIjoiNDZlNzk4MDUtMDUzNy00Y2NmLTkzMDEtYjRlOTlmNGJhZDI0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNy0yNVQwNjowMzoxMC4yMjg2MjlaIn0=
.technoratimedia.com/	1970-01-22 00:33:28	Name: tads_uid Value: GDPR
.disqus.com/	1970-01-20 13:31:04	Name: zeta-ssp-user-id Value: 778e9758-ed20-bec4-3141-bf25ed4d3746
.outbrain.com/	1970-01-20 06:55:04	Name: obuid Value: 7f01e866-6f4d-4825-8902-bb87b2c7a4dc
.servenobid.com/	1970-01-20 04:55:33	Name: pid_346 Value: 778e9758-ed20-bec4-3141-bf25ed4d3746
.360yield.com/	1970-01-20 06:55:04	Name: tuuid Value: b3de45f8-10c8-4f52-a413-3bb3d09980cb
.360yield.com/	1970-01-20 06:55:04	Name: tuuid_lu Value: 1658728990
sync.srv.stackadapt.com/	1970-01-20 13:31:04	Name: sa-user-id Value: s%3A0-7998408d-b96a-4113-5ef5-a40a6a8e6f10.ufO%2BixufOywzBMXqK%2BYvAzSQpIKEXFqMMe74JgyfrHM
.srv.stackadapt.com/	1970-01-20 13:31:04	Name: sa-user-id-v2 Value: s%3AeZhAjblqQRNe9aQKao5vECU6OQE.IaWG8m6ENFswK%2Fqk1cEEBYEmEa9nH89GIYW8KaBQqus
.ipredictive.com/	1970-01-20 13:31:04	Name: cu Value: 760c17f0-0bdf-11ed-bc57-97e675ec6313\|1658728990447
.zemanta.com/	1970-01-20 13:31:04	Name: zuid Value: VLsVheWy-vEbIsf6NinZ
.casalemedia.com/	1970-01-20 06:55:04	Name: CMTS Value: 1156
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: fb5a3db4dc881579
.servenobid.com/	1970-01-20 04:55:33	Name: pid_333 Value: Yt4yHeOqxxPUPVfqqZmVRgAABKUAAAIB

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.360yield.com
ads.pubmatic.com
ads.servenobid.com
androidmtk.com
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
buysellads-d.openx.net
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.id5-sync.com
cdn4.buysellads.net
ce.lijit.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
googleads.g.doubleclick.net
gu.dyntrk.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
live.demand.supply
mantodea.mantisadnetwork.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mp.4dex.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.yabidos.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
srv.buysellads.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
104.111.215.191
104.16.200.58
104.18.18.126
104.18.19.126
108.138.4.10
129.158.42.199
141.95.98.71
142.250.185.194
147.75.85.234
151.101.193.108
151.101.194.49
162.19.138.116
162.19.80.92
172.217.18.2
178.162.133.149
178.250.2.131
178.62.198.146
18.66.112.30
185.184.8.90
185.255.84.151
185.29.134.244
185.64.189.112
185.64.190.78
185.86.139.102
185.86.139.114
192.124.249.19
193.0.160.129
198.148.27.139
2.18.235.93
202.241.208.56
209.54.182.161
213.19.147.44
216.52.2.39
216.52.2.48
23.205.235.133
23.35.236.201
23.75.240.210
2606:4700:20::681a:8a9
2606:4700::6810:79c3
2606:4700::6810:8516
2606:4700::6812:272
2a00:1450:4001:801::200e
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c1b::9b
2a02:2638::3
2a05:d018:d29:3602:80b2:ded:f09c:81b2
3.126.56.137
3.127.61.11
3.74.89.102
34.107.148.139
34.111.151.213
34.192.115.74
34.200.181.104
34.225.35.162
34.247.233.198
34.251.34.15
35.244.159.8
37.157.3.30
37.252.172.123
37.252.173.38
38.91.45.7
46.105.202.126
50.19.106.30
50.31.142.191
51.89.9.252
52.223.40.198
52.28.203.152
52.48.21.211
52.50.170.21
52.59.116.64
52.7.59.203
54.146.39.184
54.155.185.156
64.202.112.31
66.155.71.25
69.173.144.138
69.173.144.139
88.214.206.247
94.31.29.32
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
05009765587cd8f46252ad40f4fa775e11ed75ad67f575d31956f92be981f0c4
05fcc4a9e07bfcb89759334b07d0c41698d2ac60f2036797bee40451d6a13b06
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08757054e9cdfafff389bac4e51255b2ea6b4e733a4ee90919c0b13d9140d28e
0926862541cd4c5f25b513c405e3d724e923d3315f60749824758dad45752cc5
09632fc32655b4266de845ac8d15dddc6bbc219993d570236608355e159e0ae8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ceee87b4f5030bcea1406c18ab6534743fd5f65a37fafd864cc47af46ba79bc
121851f1309529e1fd5f53c11b52fdd432161a019648f7b7e9d6f1c2a59efd77
155c9af0f27f3742c031083e19fc9f49eaf456ca36b08503ca77262be14d51d3
160d660e72443d4a7d8200baf275376a46989c23c4a7596f2ac2154721c2d9a6
1881dae6aa1793eabf98457aebc1e6323810ed63526e6634ed8a5f2e7a8afa2b
1abfbaa1b77dba3975ce276d997a46123e224d85ff39eaae705d25626b5a1d15
1cb70eb8a8d93c610cee835680e114a485549f7b252788c343660f509fa39e3c
1cdb51384fc4f0c2ec674d2a676b56264f56eed4744f8bac4548302c32bfd07b
1d8a681267255be49e6df60cc423278e78c81bd9707b754a1d418f4d2a1028b4
1e8a4f91d8cc7113d9602d29610bf67af8eb280e2632697c94480e414fe39b6f
227ce3ae565770cf34f8d2a0b84dacb46763002afbb6dfcd80d4f16f0d9776c1
2de23783fc533f3b32f9e94e02904a89da12effb076ec3637fa95ed7ed3ffce7
2debda357ba18f68d849642dfa450680f23b3382ee41806b3d910efffacc0088
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c09cbf81f03753d7cb52a4479242661d792e17938ba57d77372b0525eeff418
3cf8b62db24277978593cf6bea1610e06eccc08405724bf678d3950819e8d78d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
458839e2731d5100b4b0cf21a39f2dc95840256e7d5daf193fde2e1bc8893011
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f
4dd3add41db8abc760b3080112cea48bfc819d5d4a44d69bb89d4a9665a21464
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51f699f062d9be05d523300ac5fbc6ac10f6ea9cfb19d8830b093c2a55898315
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b
62eccd78e0d87a7ecf5dd7895c9e26cad111fe109ea355d275e0230fd3570363
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b53fd6f830ab1a5e29609df77a03ca0e33bd03c1502fdfd632eb34a2ad4c2c1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d223d7a692d32c260f1fbd09b4bc090c19a214d3934a7e02a61c8358d9163b2
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
761229c523160fe8d5d3fb1a904043918eb66c7c6ffebcbd5d7280f7fbbcf246
7d44e5960e50212c5996ab9a12b47cfb8b019b5a26f6077ccc7de8e6ebf09809
7fb31a5109ed475ca69aa607e74dc8c5d121e50e7832b5bad1418efd4e7699bb
82e3811cdfceb32fce78d37685ff4189f3927def60304312c3519603939f0ba8
83ed95482d7f3126b555efe2a06c4812af9f6df7d7ac26a809e8b4aecffa78d1
87d98c58214039d8317f6519c1441b13d920e83988a58cfc51ea5dbcbe7094e0
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e135e7de211ea21dd838640138d510b9bf19cdf36aeccd0ccfe6bd90590cdd1
927bee46c9c494dda2d19fdc9b195e4b1ee547a786b6131bdfd842746c8f368b
956fff8f655ec034c4c9b5ea6d09934ac0460bf6cf42f6e3c5b0e6697e71562d
95b9a52e25b63bd15cddae44ad414eb77c60b2f07300648bc8776ef39810a013
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
99dcc802592d9913a80b91fa639b9004541385c343f76abf3cd3f1be919b6f50
a07e73bdd25c1487f3eea35339867d704932429cd7c1fdf362423e08abc1e93a
a0a005bfa8389eda8a2bf8c1350bfd9c7f0d2d4bca970ba16915ce2c439f23c7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a7235a4bfe4fc44112cd4251eca419eb99a5a2e543557456d43e3e23e1fc8dfa
ac102e5ac32bf9d04852bd46b1ed524a61e99ea7216b222f990a61ad937a7d25
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aeb2eb778ac5b2e53d183a580cf865d2a81989c06e8e239062abe92f9c5ea667
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c1ba233081200a5f9a126278eb189aa1c192b633751acee9cf57752f7018290a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02
c53b74b6a2fb530b4d0742a73c2a325e1b51211c889f499c627d025fb615c2ac
c65f3abade1a3d19cd5431994709a9281326871c0523984a9e04b0220e05e143
cf99cfb5ddd705ffb0ca32e221ab207947968503732683f40f6751a40baf1898
d015f0372f200235060d8f837007953c1e256eef7345d844458fb2443ef990c8
d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092
d9072535eb75df61d1f25407ed1e62119004fb8a6be26c63861efb96a4946406
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e960b2a590f56ef4f387973205d6d2ccb0e0f46e4b18c75353ca5c72f282e1f6
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
f1583164547ac35e4412d03037278be4701a2727f4300f78d157a305235e24c5
f163028487915d2362724581276315a30de18de25e9033627d10a5bdd4abe03e
f3a946a116a4f108ff7d03411595427e2743afcf9f6f535fcb411dbd9456002b
f4ed4a399498c9997be6dc3e1d7a18c2b4d89a063a314068db739d9457338aec
ff3313a1cd4ff13a2b2064cae80ad23117f15ae8381de9fe8ca31b832d3961b5

androidmtk.com Open in urlscan Pro 192.124.249.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

150 Requests

81 %HTTPS

18 %IPv6

64 Domains

89 Subdomains

58 IPs

10 Countries

1341 kBTransfer

3533 kBSize

61 Cookies

9 Outgoing links

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

androidmtk.com Open in urlscan Pro
192.124.249.19 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

81 %
HTTPS

18 %
IPv6

64
Domains

89
Subdomains

58
IPs

10
Countries

1341 kB
Transfer

3533 kB
Size

61
Cookies

150 HTTP transactions
5 data transactions