urlscan.io logo urlscan.io
SecurityTrails logo

anotepad.com Open in urlscan Pro
207.244.104.157  Public Scan

Go To Rescan Add Verdict Report
URL: https://anotepad.com/notes/8mgfm8k4
Submission: On October 13 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 86 IPs in 10 countries across 87 domains to perform 332 HTTP transactions. The main IP is 207.244.104.157, located in Alexandria, United States and belongs to LEASEWEB-USA-WDC, US. The main domain is anotepad.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 20th 2020. Valid for: a year.
This is the only time anotepad.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 207.244.104.157 30633 (LEASEWEB-...)
1 142.250.184.200 15169 (GOOGLE)
2 104.18.10.207 13335 (CLOUDFLAR...)
6 13.226.155.102 16509 (AMAZON-02)
7 172.67.68.60 13335 (CLOUDFLAR...)
2 142.250.185.170 15169 (GOOGLE)
4 184.30.24.121 16625 (AKAMAI-AS)
5 35.201.71.192 15169 (GOOGLE)
1 23.218.209.154 16625 (AKAMAI-AS)
2 142.250.186.46 15169 (GOOGLE)
1 74.125.133.154 15169 (GOOGLE)
1 4 13.226.155.52 16509 (AMAZON-02)
1 4 216.58.212.132 15169 (GOOGLE)
1 35.241.45.217 15169 (GOOGLE)
4 142.250.185.98 15169 (GOOGLE)
1 1 104.21.192.118 13335 (CLOUDFLAR...)
1 172.67.70.134 13335 (CLOUDFLAR...)
5 142.250.186.162 15169 (GOOGLE)
1 3 142.250.185.166 15169 (GOOGLE)
1 104.26.3.70 13335 (CLOUDFLAR...)
11 13.226.155.24 16509 (AMAZON-02)
1 130.211.23.194 15169 (GOOGLE)
3 5 91.228.74.133 16509 (AMAZON-02)
1 18.66.242.153 16509 (AMAZON-02)
20 35.244.159.8 15169 (GOOGLE)
5 34.149.20.76 15169 (GOOGLE)
9 18.197.116.184 16509 (AMAZON-02)
2 54.77.232.22 16509 (AMAZON-02)
2 178.250.0.165 44788 (ASN-CRITE...)
5 11 185.33.221.88 29990 (ASN-APPNEX)
10 35.157.246.167 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 69.173.144.141 26667 (RUBICONPR...)
2 18.192.135.64 16509 (AMAZON-02)
2 184.31.84.150 16625 (AKAMAI-AS)
6 54.80.147.122 14618 (AMAZON-AES)
6 151.101.130.133 54113 (FASTLY)
2 52.57.27.215 16509 (AMAZON-02)
1 18.66.248.11 16509 (AMAZON-02)
2 142.250.74.194 15169 (GOOGLE)
4 142.250.185.129 15169 (GOOGLE)
8 99.81.41.171 16509 (AMAZON-02)
2 151.101.2.133 54113 (FASTLY)
1 1 52.44.110.4 14618 (AMAZON-AES)
16 20 142.250.184.194 15169 (GOOGLE)
7 12 76.223.111.131 16509 (AMAZON-02)
3 35.244.174.68 15169 (GOOGLE)
1 2 104.92.72.137 16625 (AKAMAI-AS)
6 7 3.125.70.222 16509 (AMAZON-02)
1 1 46.228.164.13 56396 (AMOBEE)
6 6 185.29.132.245 30419 (MEDIAMATH...)
4 4 151.101.130.49 54113 (FASTLY)
1 1 216.46.185.183 13649 (ASN-VINS)
1 64.58.232.180 13649 (ASN-VINS)
2 6 185.64.189.115 62713 (AS-PUBMATIC)
1 1 107.178.240.89 15169 (GOOGLE)
10 142.250.185.226 15169 (GOOGLE)
25 142.250.184.225 15169 (GOOGLE)
2 216.58.212.130 15169 (GOOGLE)
2 178.250.2.130 44788 (ASN-CRITE...)
2 172.217.23.98 15169 (GOOGLE)
2 172.217.23.102 15169 (GOOGLE)
2 178.250.2.146 44788 (ASN-CRITE...)
18 87.248.118.23 34010 (YAHOO-IRD)
7 23.218.208.200 16625 (AKAMAI-AS)
4 184.30.20.198 16625 (AKAMAI-AS)
2 2 213.155.156.183 1299 (TWELVE99 ...)
2 26 185.64.190.80 62713 (AS-PUBMATIC)
1 1 178.250.2.151 44788 (ASN-CRITE...)
2 5 159.253.128.188 36351 (SOFTLAYER)
5 6 37.157.4.28 198622 (ADFORM)
4 185.64.189.114 62713 (AS-PUBMATIC)
1 67.202.105.22 32748 (STEADFAST)
2 151.101.65.108 54113 (FASTLY)
4 16 2.21.141.232 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
11 12 3.123.82.137 16509 (AMAZON-02)
2 2 35.210.178.101 15169 (GOOGLE)
1 1 85.114.159.118 ()
16 16 52.16.151.94 16509 (AMAZON-02)
3 3 185.86.139.89 201081 (SMARTADSE...)
3 3 198.148.27.139 ()
1 1 162.55.6.213 24940 (HETZNER-AS)
3 3 213.19.147.44 3356 (LEVEL3)
1 1 188.165.137.78 16276 (OVH)
1 72.251.241.204 29791 (VOXEL-DOT...)
1 172.67.74.129 13335 (CLOUDFLAR...)
1 2 104.18.13.5 13335 (CLOUDFLAR...)
1 2 151.101.129.44 54113 (FASTLY)
1 169.197.150.7 398989 (DEEPINTENT)
6 6 3.123.163.175 16509 (AMAZON-02)
1 1 38.27.122.126 174 (COGENT-174)
1 1 34.201.255.167 14618 (AMAZON-AES)
2 2 146.59.148.16 16276 (OVH)
2 3 18.156.0.31 16509 (AMAZON-02)
1 2 212.82.100.176 34010 (YAHOO-IRD)
1 2 89.207.16.201 41041 (VCLK-EU-SE)
2 2 66.155.71.150 13768 (COGECO-PEER1)
1 1 46.228.164.11 56396 (AMOBEE)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
1 2 185.33.221.15 29990 (ASN-APPNEX)
1 52.48.175.241 16509 (AMAZON-02)
1 1 34.199.172.6 14618 (AMAZON-AES)
1 1 143.204.209.115 16509 (AMAZON-02)
2 2 18.195.183.48 ()
4 104.16.200.58 13335 (CLOUDFLAR...)
2 4 52.46.154.242 16509 (AMAZON-02)
1 54.205.198.41 14618 (AMAZON-AES)
4 104.16.64.54 13335 (CLOUDFLAR...)
3 3 69.173.144.139 26667 (RUBICONPR...)
4 69.173.144.165 26667 (RUBICONPR...)
1 52.18.85.49 16509 (AMAZON-02)
1 1 54.236.220.178 ()
1 2 52.48.137.92 16509 (AMAZON-02)
332 86
2    207.244.104.157 (Alexandria, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: anotepad.com
anotepad.com
1    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
2    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
6    13.226.155.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-102.dus51.r.cloudfront.net
cdn.anotepad.com
7    172.67.68.60 (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
2    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
ajax.googleapis.com
4    184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
5    35.201.71.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.71.201.35.bc.googleusercontent.com
d.pub.network
c.pub.network
1    23.218.209.154 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-154.deploy.static.akamaitechnologies.com
z.moatads.com
2    142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net
www.google-analytics.com
1    74.125.133.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f154.1e100.net
stats.g.doubleclick.net
4    13.226.155.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-52.dus51.r.cloudfront.net
sb.scorecardresearch.com
4    216.58.212.132 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f132.1e100.net
www.google.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
4    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googletagservices.com
1    104.21.192.118 (None, )

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    172.67.70.134 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
5    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
3    142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net
ad.doubleclick.net
1    104.26.3.70 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
11    13.226.155.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-24.dus51.r.cloudfront.net
tagan.adlightning.com
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
5    91.228.74.133 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    18.66.242.153 (United States)

ASN16509 (AMAZON-02, US)
dggaenaawxe8z.cloudfront.net
20    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
freestar-d.openx.net
eu-u.openx.net
us-u.openx.net
5    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
9    18.197.116.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-116-184.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    54.77.232.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-232-22.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
2    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
11    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
10    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    18.192.135.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
2    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
6    54.80.147.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-147-122.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
6    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
2    52.57.27.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-27-215.eu-central-1.compute.amazonaws.com
uat5-b.investingchannel.com
1    18.66.248.11 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
adservice.google.com
4    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
8    99.81.41.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-41-171.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
consumer.krxd.net
1    52.44.110.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-110-4.compute-1.amazonaws.com
usermatch.krxd.net
20    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
12    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    104.92.72.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
7    3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
6    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    216.46.185.183 (United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
1    64.58.232.180 (United States)

ASN13649 (ASN-VINS, US)
ib.mookie1.com
6    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    107.178.240.89 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 89.240.178.107.bc.googleusercontent.com
fei.pro-market.net
10    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
pagead2.googlesyndication.com
25    142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net
tpc.googlesyndication.com
2    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net
googleads.g.doubleclick.net
2    178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
googleads4.g.doubleclick.net
2    172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f102.1e100.net
s0.2mdn.net
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
18    87.248.118.23 (Frankfurt am Main, Germany)

ASN34010 (YAHOO-IRD, GB)
PTR: e2.ycpi.vip.deb.yahoo.com
pr.ybp.yahoo.com
cdn.js7k.com
s.yimg.com
beap-bc.yahoo.com
7    23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com
aktrack.pubmatic.com
2    213.155.156.183 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
26    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
6    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
1    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
16    2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
12    3.123.82.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-82-137.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.178.101 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 101.178.210.35.bc.googleusercontent.com
a.volvelle.tech
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
16    52.16.151.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-151-94.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
3    198.148.27.139 (None, )

ASN- ()
bh.contextweb.com
1    162.55.6.213 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.6.55.162.clients.your-server.de
csync.loopme.me
3    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    188.165.137.78 (France)

ASN16276 (OVH, FR)
PTR: ip78.ip-188-165-137.eu
green.erne.co
1    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    104.18.13.5 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
6    3.123.163.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-163-175.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    38.27.122.126 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    34.201.255.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-255-167.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh
pixel.onaudience.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    212.82.100.176 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: pr-bh-ing.pbp.vip.ir2.yahoo.com
pr-bh.ybp.yahoo.com
2    89.207.16.201 (Roydon, United Kingdom)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-usadmm.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com
ads.playground.xyz
2    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    52.48.175.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    34.199.172.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-172-6.compute-1.amazonaws.com
sync.ipredictive.com
1    143.204.209.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-115.fra53.r.cloudfront.net
cm.smadex.com
2    18.195.183.48 (None, )

ASN- ()
rtb.mfadsrvr.com
4    104.16.200.58 (None, )

ASN13335 (CLOUDFLARENET, US)
pixel.yabidos.com
4    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    54.205.198.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-198-41.compute-1.amazonaws.com
rtb.adentifi.com
4    104.16.64.54 (None, )

ASN13335 (CLOUDFLARENET, US)
pre.glotgrx.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    52.18.85.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-85-49.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.236.220.178 (None, )

ASN- ()
sync.extend.tv
2    52.48.137.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
Apex Domain
Subdomains		 Transfer
49 pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
ads.pubmatic.com
aktrack.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
image4.pubmatic.com
126 KB
39 googlesyndication.com
d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
276 KB
33 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
192 KB
21 yahoo.com
c2shb.ssp.yahoo.com
pr.ybp.yahoo.com
beap-bc.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
21 KB
20 openx.net
freestar-d.openx.net
eu-u.openx.net
us-u.openx.net
4 KB
17 krxd.net
cdn.krxd.net
beacon.krxd.net
consumer.krxd.net
usermatch.krxd.net
178 KB
16 bidr.io
match.prod.bidr.io
7 KB
15 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
44 KB
14 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
23 KB
14 bidswitch.net
grid.bidswitch.net
x.bidswitch.net
7 KB
12 adsrvr.org
match.adsrvr.org
5 KB
12 pub.network
a.pub.network
d.pub.network
c.pub.network
352 KB
11 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
15 KB
11 adlightning.com
tagan.adlightning.com
267 KB
9 sharethrough.com
btlr.sharethrough.com
991 B
8 yimg.com
s.yimg.com
292 KB
8 anotepad.com
anotepad.com
cdn.anotepad.com
21 KB
7 eyeota.net
ps.eyeota.net
4 KB
6 w55c.net
pm.w55c.net
5 KB
6 adform.net
c1.adform.net
3 KB
6 mathtag.com
sync.mathtag.com
3 KB
6 mantisadnetwork.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
2 KB
6 33across.com
ssc.33across.com
ssc-cms.33across.com
924 B
6 google.com
www.google.com
adservice.google.com
2 KB
5 simpli.fi
um.simpli.fi
2 KB
5 criteo.com
bidder.criteo.com
gum.criteo.com
dis.criteo.com
6 KB
5 quantserve.com
secure.quantserve.com
pixel.quantserve.com
10 KB
4 glotgrx.com
pre.glotgrx.com
555 B
4 amazon-adsystem.com
s.amazon-adsystem.com
3 KB
4 yabidos.com
pixel.yabidos.com
50 KB
4 indexww.com
js-sec.indexww.com
4 KB
4 js7k.com
cdn.js7k.com
57 KB
4 everesttech.net
sync-tm.everesttech.net
964 B
4 googletagservices.com
www.googletagservices.com
138 KB
4 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 contextweb.com
bh.contextweb.com
1 KB
3 smartadserver.com
rtb-csync.smartadserver.com
2 KB
3 rlcdn.com
idsync.rlcdn.com
id.rlcdn.com
460 B
3 addthis.com
s7.addthis.com
m.addthis.com
140 KB
2 crwdcntrl.net
bcp.crwdcntrl.net
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
290 B
2 onaudience.com
pixel.onaudience.com
719 B
2 taboola.com
trc.taboola.com
match.taboola.com
558 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 volvelle.tech
a.volvelle.tech
1 KB
2 de17a.com
d5p.de17a.com
634 B
2 2mdn.net
s0.2mdn.net
71 KB
2 criteo.net
static.criteo.net
55 KB
2 turn.com
d.turn.com
ad.turn.com
968 B
2 bluekai.com
stags.bluekai.com
tags.bluekai.com
1020 B
2 investingchannel.com
uat5-b.investingchannel.com
445 B
2 yieldmo.com
ads.yieldmo.com
443 B
2 btloader.com
btloader.com
api.btloader.com
23 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 googleapis.com
ajax.googleapis.com
100 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com
32 KB
1 extend.tv
sync.extend.tv
546 B
1 demdex.net
dpm.demdex.net
1 adentifi.com
rtb.adentifi.com
88 B
1 smadex.com
cm.smadex.com
525 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 gumgum.com
rtb.gumgum.com
238 B
1 playground.xyz
ads.playground.xyz
485 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 stackadapt.com
sync.srv.stackadapt.com
653 B
1 bnmla.com
match.bnmla.com
917 B
1 deepintent.com
match.deepintent.com
44 B
1 ad4m.at
ad4m.at
915 B
1 adgrx.com
cm.adgrx.com
408 B
1 erne.co
green.erne.co
326 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 loopme.me
csync.loopme.me
217 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 pro-market.net
fei.pro-market.net
327 B
1 mookie1.com
ib.mookie1.com
992 B
1 ib-ibi.com
global.ib-ibi.com
488 B
1 quantcount.com
rules.quantcount.com
1 KB
1 cloudfront.net
dggaenaawxe8z.cloudfront.net
3 KB
1 ad-delivery.net
ad-delivery.net
996 B
1 videoplayerhub.com
freestar-io.videoplayerhub.com
529 B
1 pghub.io
pghub.io
2 KB
1 addthisedge.com
v1.addthisedge.com
325 B
1 moatads.com
z.moatads.com
1 KB
1 googletagmanager.com
www.googletagmanager.com
38 KB
332 87
Domain Requested by
25 tpc.googlesyndication.com anotepad.com
d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
tagan.adlightning.com
tpc.googlesyndication.com
20 cm.g.doubleclick.net 16 redirects eu-u.openx.net
16 match.prod.bidr.io 16 redirects
16 simage2.pubmatic.com ads.pubmatic.com
12 x.bidswitch.net 11 redirects
12 match.adsrvr.org 7 redirects eu-u.openx.net
ssum-sec.casalemedia.com
11 ib.adnxs.com 5 redirects a.pub.network
acdn.adnxs.com
11 tagan.adlightning.com a.pub.network
tagan.adlightning.com
10 eu-u.openx.net a.pub.network
eu-u.openx.net
10 image2.pubmatic.com 2 redirects ads.pubmatic.com
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
10 c2shb.ssp.yahoo.com a.pub.network
9 btlr.sharethrough.com a.pub.network
8 us-u.openx.net eu-u.openx.net
8 s.yimg.com anotepad.com
8 beacon.krxd.net cdn.krxd.net
7 ads.pubmatic.com anotepad.com
a.pub.network
ads.pubmatic.com
7 ps.eyeota.net 6 redirects
7 a.pub.network anotepad.com
a.pub.network
tagan.adlightning.com
6 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
6 pm.w55c.net 6 redirects
6 c1.adform.net 5 redirects ads.pubmatic.com
6 image6.pubmatic.com 2 redirects ads.pubmatic.com
6 sync.mathtag.com 6 redirects
6 cdn.krxd.net anotepad.com
cdn.krxd.net
tagan.adlightning.com
6 cdn.anotepad.com anotepad.com
cdn.anotepad.com
5 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
5 um.simpli.fi 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
5 ssc.33across.com a.pub.network
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
anotepad.com
4 pixel.rubiconproject.com
4 pre.glotgrx.com mantodea.mantisadnetwork.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 pixel.yabidos.com mantodea.mantisadnetwork.com
pixel.yabidos.com
4 js-sec.indexww.com a.pub.network
ssum-sec.casalemedia.com
4 aktrack.pubmatic.com anotepad.com
4 cdn.js7k.com tagan.adlightning.com
4 pr.ybp.yahoo.com a.pub.network
4 c.pub.network a.pub.network
4 sync-tm.everesttech.net 4 redirects
4 pixel.quantserve.com 3 redirects
4 d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
4 mantodea.mantisadnetwork.com a.pub.network
4 www.googletagservices.com a.pub.network
d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
4 www.google.com 1 redirects tagan.adlightning.com
d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
4 sb.scorecardresearch.com 1 redirects a.pub.network
3 token.rubiconproject.com 3 redirects
3 ups.analytics.yahoo.com 2 redirects ssum-sec.casalemedia.com
3 bh.contextweb.com 3 redirects
3 rtb-csync.smartadserver.com 3 redirects
3 ad.doubleclick.net 1 redirects d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 ecs.mantisadnetwork.com mantodea.mantisadnetwork.com
2 rtb.mfadsrvr.com 2 redirects
2 secure.adnxs.com 1 redirects ssum-sec.casalemedia.com
2 pixel-sync.sitescout.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 a.volvelle.tech 2 redirects
2 eus.rubiconproject.com a.pub.network
eus.rubiconproject.com
2 acdn.adnxs.com a.pub.network
2 simage4.pubmatic.com ads.pubmatic.com
2 beap-bc.yahoo.com cdn.js7k.com
2 d5p.de17a.com 2 redirects
2 gum.criteo.com tagan.adlightning.com
gum.criteo.com
2 s0.2mdn.net d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net anotepad.com
2 static.criteo.net a.pub.network
static.criteo.net
2 googleads.g.doubleclick.net d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
2 idsync.rlcdn.com
2 consumer.krxd.net cdn.krxd.net
2 adservice.google.com tagan.adlightning.com
2 uat5-b.investingchannel.com dggaenaawxe8z.cloudfront.net
2 htlb.casalemedia.com a.pub.network
2 grid.bidswitch.net a.pub.network
2 fastlane.rubiconproject.com a.pub.network
2 hbopenbid.pubmatic.com a.pub.network
2 bidder.criteo.com a.pub.network
2 ads.yieldmo.com a.pub.network
2 freestar-d.openx.net a.pub.network
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 s7.addthis.com anotepad.com
s7.addthis.com
2 ajax.googleapis.com anotepad.com
2 stackpath.bootstrapcdn.com anotepad.com
2 anotepad.com ajax.googleapis.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 sync.extend.tv 1 redirects
1 dpm.demdex.net ssum-sec.casalemedia.com
1 id.rlcdn.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 cm.smadex.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 tags.bluekai.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 match.bnmla.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ad4m.at ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 ssc-cms.33across.com a.pub.network
1 dis.criteo.com 1 redirects
1 fei.pro-market.net 1 redirects
1 ib.mookie1.com
1 global.ib-ibi.com 1 redirects
1 d.turn.com 1 redirects
1 stags.bluekai.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 dggaenaawxe8z.cloudfront.net a.pub.network
1 secure.quantserve.com a.pub.network
1 api.btloader.com freestar-io.videoplayerhub.com
1 ad-delivery.net
1 btloader.com
1 freestar-io.videoplayerhub.com 1 redirects
1 pghub.io a.pub.network
1 stats.g.doubleclick.net www.google-analytics.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 d.pub.network a.pub.network
1 www.googletagmanager.com anotepad.com
332 136
Subject Issuer Validity Valid
anotepad.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-20 -
2022-01-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.anotepad.com
Amazon		 2021-03-02 -
2022-03-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2021-03-17 -
2022-04-18		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-09 -
2022-02-16		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.adlightning.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2021-08-28 -
2021-11-26		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-09-28 -
2021-12-27		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-30 -
2022-02-23		 6 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
grid.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2021-09-27 -
2022-10-23		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2020-11-13 -
2021-12-12		 a year crt.sh
cdn.krxd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2021-02-08 -
2022-02-07		 a year crt.sh
*.investingchannel.com
Go Daddy Secure Certificate Authority - G2		 2020-05-26 -
2022-06-01		 2 years crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2022-07-12		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.eyeota.net
R3		 2021-08-27 -
2021-11-25		 3 months crt.sh
ib.mookie1.com
DigiCert SHA2 High Assurance Server CA		 2019-10-07 -
2021-11-12		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-06 -
2021-10-27		 2 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.glotgrx.com
Go Daddy Secure Certificate Authority - G2		 2020-12-14 -
2022-01-12		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh

This page contains 58 frames:

Primary Page: https://anotepad.com/notes/8mgfm8k4
Frame ID: 66E1A015DEB4DB63A488084365305A93
Requests: 111 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: D3FB1CBCF5DA9199E733477FB87D233D
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 72A189F3DA102101A14EF3A47B6A6ECB
Requests: 1 HTTP requests in this frame

Frame: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9F40C78C2C0538DFD4AD11BB968CA09D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 4D0B355AB1D3606AA97058BB67D8EBB9
Requests: 15 HTTP requests in this frame

Frame: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 06E0BD7E3D94AC9FABF2FDC353F7F534
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/index.html
Frame ID: 3099AFF2463F8ACCFA78A9BE8BB7C8C1
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 04EC9B78E29A92301B46352576E55C26
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7A4EB6561CD0BC6B37109C0907793021
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8AF0A7234874091C212F068CE961035
Requests: 2 HTTP requests in this frame

Frame: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 46E3BCF7FCFAF5A46BB8C3EC3A712909
Requests: 11 HTTP requests in this frame

Frame: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EB985C328F8D0D92DB13DE9E59B656DD
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B5A962F3442A59766C678B295AE05C7E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 04349392F5734299E4093A99A0CF337C
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=anotepad.com
Frame ID: AE18F7CD545CE586E8D6714465F875BD
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/freestar/blacklist_script.js
Frame ID: E2444432E684EC668697A35FDB9D8611
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/freestar/blacklist_script.js
Frame ID: 10993A09C7ADAEF20ADAD1961BF21BF3
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/freestar/blacklist_script.js
Frame ID: 258BD5A675D8490FAE4EA4C414515A1C
Requests: 6 HTTP requests in this frame

Frame: https://tagan.adlightning.com/freestar/blacklist_script.js
Frame ID: 71BB48C582E8D241C457B0738372451B
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3140EAE01B98AFEA4B6BAB8A4CD83C43
Requests: 11 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325175&adType=10&adServerId=243&kefact=0.023436&kaxefact=0.023436&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1634151971&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.024669&dcId=3&tldId=42295754&passback=0&svr=BID22530U&adsver=_1972006031&adsabzcid=0&cls=BID&ekefact=Iy5nYRaEBAAFBWnTXqJdwE-uqu0uqjTupzl-qTGsd0aHqUsY&ekaxefact=Iy5nYSCEBADuOJWp9UnanKynze3OqOSr_H4E1g7g_dkDgYOG&ekpbmtpfact=Iy5nYSmEBADaFCVkUgw6GnHEYfXrRIYgWRc4_CIk7YfYkPOZ&enpp=Iy5nYTKEBACJi9uDG9vSY0tbyJN0zXe2sMcoJ4UEuviPMSGP&pfi=1&domId=14458936769757509276&dc=AMS&pubBuyId=32802&crID=3565346&lpu=pramac.com&ucrid=3274319656763099746&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH102139000&wDspId=452&wbId=2&wrId=0&wAdvID=969113&wDspCampId=1657127&isRTB=1&rtbId=2FDC6CAB-7618-4CB9-A72F-C362ED16F14F&imprId=5231F024-CB08-4799-AB53-82CF81DD63C7&oid=5231F024-CB08-4799-AB53-82CF81DD63C7&cntryId=232&domain=anotepad.com&pageURL=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&sec=1&pAuSt=3
Frame ID: 289719A1CFBE7DE432A2BA780EEBEA4B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 519853E7AA0949B38B8C8990A367CD99
Requests: 2 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325177&adType=10&adServerId=243&kefact=0.023184&kaxefact=0.023184&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1634151971&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.024404&dcId=3&tldId=42295754&passback=0&svr=BID22481U&adsver=_1972006031&adsabzcid=0&cls=BID&ekefact=Iy5nYbyfAgDNXWU5hOzy5OJgFLi2bQlx3WjjU0NUSN8MXvAV&ekaxefact=Iy5nYcyfAgCEPTOOQ8JcU2ch7pput4rJZVvKRT1uKKjHTdTs&ekpbmtpfact=Iy5nYdqfAgBR9iNXzAKKKZ1Y35xxkHMB68gFea2RnrxgOr3R&enpp=Iy5nYeefAgBM3jr38BMJYV8TZTqxc2sMo46MW4h7dj8F0B8t&pfi=1&domId=14458936769757509276&dc=AMS&pubBuyId=32802&crID=3565397&lpu=pramac.com&ucrid=18076241996797128328&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH102139000&wDspId=452&wbId=3&wrId=0&wAdvID=969113&wDspCampId=1657127&isRTB=1&rtbId=7EA8FC61-4FB3-4B7B-8FF5-7D49B3A839F2&imprId=26A3B764-06C6-4D4A-AA71-0A3EEA6FDA86&oid=26A3B764-06C6-4D4A-AA71-0A3EEA6FDA86&cntryId=232&domain=anotepad.com&pageURL=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&sec=1&pAuSt=3
Frame ID: 5F8F18FB5A12402C01C5E5629FDC855F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CF3847085AA1F1CD1E3D5908822EC552
Requests: 2 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325175&adType=10&adServerId=243&kefact=0.023436&kaxefact=0.023436&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1634151971&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.024669&dcId=3&tldId=42295754&passback=0&svr=BID22535U&adsver=_1972006031&adsabzcid=0&cls=BID&ekefact=Iy5nYWORAgCgtTX4aDAJlwywFlzlPXzPNyYGFmLJNXG-_kMD&ekaxefact=Iy5nYYGRAgBJBXZdYsx14r2sspZ7STc-bEUOa9t9nFuFinDY&ekpbmtpfact=Iy5nYZuRAgByyXcI_eshNtjAGyJOCILf9y8e8FUcoARKTeaK&enpp=Iy5nYbWRAgBaP1OD2bgfBthp9p7-gN1RzbjtA2oFrtnbS-KV&pfi=1&domId=14458936769757509276&dc=AMS&pubBuyId=32802&crID=3565477&lpu=pramac.com&ucrid=17007508701686110183&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH102139000&wDspId=452&wbId=2&wrId=0&wAdvID=969113&wDspCampId=1657127&isRTB=1&rtbId=83D17088-EB4B-487D-B31F-C4B38678C072&imprId=70F8BC06-6D29-4518-8E52-3A066EC494E9&oid=70F8BC06-6D29-4518-8E52-3A066EC494E9&cntryId=232&domain=anotepad.com&pageURL=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&sec=1&pAuSt=3
Frame ID: 83B260DF26FF4626DFFAB7B14611EB76
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 89925A29A6712A4DAEEB7443A1E9E513
Requests: 1 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325177&adType=10&adServerId=243&kefact=0.022455&kaxefact=0.022455&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1634151971&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.023637&dcId=3&tldId=42295754&passback=0&svr=BID22432U&adsver=_1972006031&adsabzcid=0&cls=BID&ekefact=Iy5nYRK-AgBtaFeGCQKjjM1JYsZ1o9bn3mjeTJktJBp1_Pk6&ekaxefact=Iy5nYTG-AgBZ-HEaMy7aLIWuRf7KJ-JQcyz2-aJ3Zn7jUX_J&ekpbmtpfact=Iy5nYUu-AgDbn9ri8QWsgT7L0oLtSiYcfLkNEGMBNKQJD6Xn&enpp=Iy5nYWW-AgDSLpDL9TRfnaUhMHcZQNLNTR4AZcoVkDaKecA2&pfi=1&domId=14458936769757509276&dc=AMS&pubBuyId=32802&crID=3565303&lpu=pramac.com&ucrid=1294549814952021847&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH102139000&wDspId=452&wbId=3&wrId=0&wAdvID=969113&wDspCampId=1657127&isRTB=1&rtbId=42205F63-DB57-414D-A2F2-7E9C0ACC492D&imprId=9CB24EAC-9B2A-491F-81B4-314AA8335D33&oid=9CB24EAC-9B2A-491F-81B4-314AA8335D33&cntryId=232&domain=anotepad.com&pageURL=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&sec=1&pAuSt=3
Frame ID: F1EA70BCB2BB460FFBFC69A3E551A909
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=405855181577769890
Frame ID: 85992DB587011A7A6DFAAB0C6AC188D6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 92379E1F0DDA99E992D3CD99D3B8F703
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cNQLIgg3Or7iD1aKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 0FB4FE0BF96D8162CE240C996ABE9E35
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 90443489504D0651B5ED58C0852A9AD7
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C1C8F2C1CAFE8932047AE6AC824A506B
Requests: 17 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1634151971273&secure=true&version=9&uuid=e8ee395f-23a7-468f-b509-e92ed9d74faf&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4
Frame ID: 96D2B90D444070FEC836708735ADB53E
Requests: 6 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A89670081ABCA69F48C147A0D298D53C
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1634151971243&secure=true&version=9&uuid=e8ee395f-23a7-468f-b509-e92ed9d74faf&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4
Frame ID: 8D2985A9ED1CB5F530F5485773B7F38C
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 068682261E7EDC5498544240DE9D36F6
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6F87ABAAD801EB2C8C0CBBF98B913B41
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Frame ID: 3291D1E6FFAF9B4664090EF83B3B847F
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Frame ID: 0567865FB1032E139BF8FAD4734D1DC9
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1A10877A20E04060AE38098BF1FD4832
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4E959F1B8A37B04188DCD1C197A4BDAF
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=4051A24A-49C2-4797-987F-724EE6681D5C
Frame ID: 480A391C595B831A0B2B3F04F37F800F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7018629302215702668
Frame ID: 71515A96A53FD127CAE13C1C1B09A7D7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB7k07CzlwAABYbmZ_6bQ
Frame ID: 74DBCEC625666F82B7975B4EFCD594D5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: D630B0CE3A0000D42A31AC4D43828091
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d4cfffca-1acd-41f0-9345-444160c45c87-003
Frame ID: DB387645096C19207F83C7D6153EDA90
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=pUBnjyMuCN86HOs5w0aFXpDa
Frame ID: F62BBD3B6D80C0107E0279507822C3E5
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 4B79289AE0FD9E60669E8E7E8F159CE4
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: B83F1B3FCD9684F54D59DDA792064DFC
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 68B80D6D9988897ED9AC486481B4EE7C
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=392d9e7a-0486-4aa0-b5b7-08fd4c96584c-tuct860b3a9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: B1E3C6443FBF65AFD57633F6C5024625
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: EF536FDD59D6CD6192960921AF883270
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:heZBLr3p1MAJzX5&gdpr=0&gdpr_consent=
Frame ID: 559224FB7C284AD16E91907054B937CD
Requests: 1 HTTP requests in this frame

Frame: https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
Frame ID: 39BDFEDE6386739D7AECEFAC8BBF9424
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:188C7BC606E34701BFD67991850CF15D
Frame ID: BE68643C3B7A79555DF6C970EF877889
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dxwe_XiuRmxQmUo1KPzaFNiDcm0
Frame ID: 672048B9AA2751BE814E13E6064331DC
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: AD320F89C66F0380382EAB5E81344829
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 68893C28B0F8048CBB4E2B732FA30F78
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online Notepad - Cheating In Casino Gambling

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

332
Requests

100 %
HTTPS

0 %
IPv6

87
Domains

136
Subdomains

86
IPs

10
Countries

2569 kB
Transfer

6583 kB
Size

117
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 31
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1634151970602&ns_c=UTF-8&cv=3.5&c8=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&c7=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1634151970602&ns_c=UTF-8&cv=3.5&c8=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&c7=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&c9=
Request Chain 103
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2EwQVRIak8 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEHUdrj81d_SktZBs_0-MXko&google_cver=1
Request Chain 104
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T2EwQVRIak8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T2EwQVRIak8&google_tc= HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEFr6_fkXorbe3dWmipKNnq8&google_cver=1
Request Chain 105
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=Oa0ATHjO&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=Oa0ATHjO&gdpr=0 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=1477a98c-c8a7-46df-ac54-fc4002216f30
Request Chain 107
  • https://stags.bluekai.com/site/26357?id=Oa0ATHjO&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOa0ATHjO%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?_kuid=Oa0ATHjO&partner=bluekai&bk_uuid=$_BK_UUID
Request Chain 109
  • https://ps.eyeota.net/match?bid=i0r4o4v&uid=Oa0ATHjO HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=Oa0ATHjO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnptNXhsMjh1NUZ6ekNGcFBJT3dySTMxQzB2VHdIeEVvSGpxQTROaDQ2QTQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=i0r4o4v& HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=i0r4o4v&google_gid=CAESELPul2wpdcB2J8czFJcNJK4&google_cver=1 HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=i0r4o4v& HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2417546668163973526&newuser=1&dc_rc=2&dc_mr=5&dc_orig=i0r4o4v& HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26 HTTP 302
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=50066167-2e23-4200-b5ed-83ea8910f6fa&dc_rc=3&dc_mr=5&dc_orig=i0r4o4v& HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26&_test=YWcuIwAI3Dkr6gAT HTTP 302
  • https://ps.eyeota.net/match?uid=YWcuIwAI3Dkr6gAT&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=i0r4o4v&&_test=YWcuIwAI3Dkr6gAT HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
  • https://ps.eyeota.net/match?uid=1477a98c-c8a7-46df-ac54-fc4002216f30&bid=1e2n4ou
Request Chain 110
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=580923692186269670
Request Chain 111
  • https://global.ib-ibi.com/image.sbxx?go=247532&pid=314&xid=Oa0ATHjO HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=247532&pid=314&xid=Oa0ATHjO
Request Chain 112
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dpubmatic%26partner_uid%3D%23PM_USER_ID HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dpubmatic%26partner_uid%3D%23PM_USER_ID&rdf=1 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=4051A24A-49C2-4797-987F-724EE6681D5C
Request Chain 113
  • https://fei.pro-market.net/engine?mimetype=img&du=88&csync=Oa0ATHjO HTTP 302
  • https://idsync.rlcdn.com/398696.gif?partner_uid=-6492044713090923506
Request Chain 122
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26469436.313919222;dc_trk_aid=506387288;dc_trk_cid=157683014;ord=683217727;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26469436.313919222;dc_pre=CLmGpb6KyPMCFca43godj9oCIg;dc_trk_aid=506387288;dc_trk_cid=157683014;ord=683217727;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 138
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 214
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=405855181577769890
Request Chain 215
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDA1MUEyNEEtNDlDMi00Nzk3LTk4N0YtNzI0RUU2NjgxRDVD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIK-vNmaHiHB7QQ4HcrbcSk&google_cver=1
Request Chain 219
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1477a98c-c8a7-46df-ac54-fc4002216f30
Request Chain 220
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3262634136460960445
Request Chain 221
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:50066167-2e23-4200-b5ed-83ea8910f6fa&gdpr=0&gdpr_consent=
Request Chain 222
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=580923692186269670&gdpr=0&gdpr_consent=
Request Chain 223
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM
Request Chain 239
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_uid=b817ecbe-4596-42f2-812d-121e492a4d7d HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_uid=b817ecbe-4596-42f2-812d-121e492a4d7d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=9fd31095-4a89-42cb-88e2-2fb3d7416935&ssp=themediagrid
Request Chain 242
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7018629302215702668
Request Chain 243
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKN1NrN0N6bHdBQUdZcnFuU1lBdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB7k07CzlwAABYbmZ_6bQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7129270743775468267 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB7k07CzlwAABYbmZ_6bQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7129270743775468267%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=7129270743775468267&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAB7k07CzlwAABYbmZ_6bQ&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB7k07CzlwAABYbmZ_6bQ
Request Chain 244
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 245
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4869990950 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/1477a98c-c8a7-46df-ac54-fc4002216f30 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d4cfffca-1acd-41f0-9345-444160c45c87-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-d4cfffca-1acd-41f0-9345-444160c45c87-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d4cfffca-1acd-41f0-9345-444160c45c87-003
Request Chain 246
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=pUBnjyMuCN86HOs5w0aFXpDa
Request Chain 249
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 250
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=392d9e7a-0486-4aa0-b5b7-08fd4c96584c-tuct860b3a9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 252
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:heZBLr3p1MAJzX5&gdpr=0&gdpr_consent=
Request Chain 253
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
Request Chain 254
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:188C7BC606E34701BFD67991850CF15D
Request Chain 255
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dxwe_XiuRmxQmUo1KPzaFNiDcm0
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QFGiSknCR5eYf3JO5mgdXA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 257
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=50066167-2e23-4200-b5ed-83ea8910f6fa
Request Chain 258
  • https://pixel.onaudience.com/?partner=214&mapped=4051A24A-49C2-4797-987F-724EE6681D5C HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=adf0f4ffc908924b
Request Chain 259
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4051A24A-49C2-4797-987F-724EE6681D5C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4051A24A-49C2-4797-987F-724EE6681D5C&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-74L8i5ZE2uWMT.A.Jr4nxkt1UVIUKlQ-~A&gdpr=0&gdpr_consent=
Request Chain 261
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3262634136460960445&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b817ecbe-4596-42f2-812d-121e492a4d7d&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 262
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YWcuIwAI3Dkr6gAT&gdpr=0&gdpr_consent=
Request Chain 264
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=19ddf919-9d85-4694-a31e-99813f5eb0f0-61672e29-5553&gdpr=0&gdpr_consent=
Request Chain 265
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2417546668163973526&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 266
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c55f9c48-2d33-4738-a9ba-9209d72d983f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 267
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=580923692186269670
Request Chain 269
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a4f6459b-2c58-11ec-932f-e7cb121077e6&gdpr=0&gdpr_consent=
Request Chain 271
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=heZBLr3p1MAJzX5
Request Chain 272
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=b817ecbe-4596-42f2-812d-121e492a4d7d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=ec0c6671-8053-41e7-b8b5-29277fcc1c56&expires=10&ssp=openx&bsw_param=b817ecbe-4596-42f2-812d-121e492a4d7d HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=b817ecbe-4596-42f2-812d-121e492a4d7d
Request Chain 273
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=580923692186269670
Request Chain 274
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCN2swN0N6bHdBQUJZYm1aXzZiUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB7k07CzlwAABYbmZ_6bQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB7k07CzlwAABYbmZ_6bQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAB7k07CzlwAABYbmZ_6bQ&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB7k07CzlwAABYbmZ_6bQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=2640019365190326786 HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAB7k07CzlwAABYbmZ_6bQ
Request Chain 275
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=50066167-2e23-4200-b5ed-83ea8910f6fa
Request Chain 276
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=r7gPmavsC520vQ-XoeoUm6-5Cc20vw-doLvHM4Ql
Request Chain 277
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3262634136460960445
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoK4fM6GiUw4QjpWoWS2bE&google_cver=1
Request Chain 281
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=heZBLr3p1MAJzX5
Request Chain 282
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=b817ecbe-4596-42f2-812d-121e492a4d7d HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=b817ecbe-4596-42f2-812d-121e492a4d7d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=0996444b-9ba3-4bc5-8923-398e9d97941b&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=b817ecbe-4596-42f2-812d-121e492a4d7d
Request Chain 283
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=580923692186269670
Request Chain 284
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB7k07CzlwAABYbmZ_6bQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB7k07CzlwAABYbmZ_6bQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=ox&bee_sync_hop_count=2&userid=2640019365190326786 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB7k07CzlwAABYbmZ_6bQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D2640019365190326786%26bee_sync_partners%3Dox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=2640019365190326786&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=3&ev=AAB7k07CzlwAABYbmZ_6bQ&pid=558502&do=add HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAB7k07CzlwAABYbmZ_6bQ
Request Chain 285
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=50066167-2e23-4200-b5ed-83ea8910f6fa
Request Chain 286
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=r7gPmavsC520vQ-XoeoUm6-5Cc20vw-doLvHM4Ql
Request Chain 287
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3262634136460960445
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoK4fM6GiUw4QjpWoWS2bE&google_cver=1
Request Chain 291
  • https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 293
  • https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 296
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=1477a98c-c8a7-46df-ac54-fc4002216f30
Request Chain 298
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=1477a98c-c8a7-46df-ac54-fc4002216f30
Request Chain 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YWcuKXcdJmeWZh6XTy2EpgAABFwAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOaUnrCkY_xq3LTTz6FSkVI&google_cver=1
Request Chain 303
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YWcuKXcdJmeWZh6XTy2EpgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELVeFFKYq1scvqLaT2mhQGI&google_cver=1&gdpr=1
Request Chain 304
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWcuKXcdJmeWZh6XTy2EpgAABFwAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWcuKXcdJmeWZh6XTy2EpgAABFwAAAIB&dcc=t
Request Chain 305
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 312
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/KLaXixrFxeVXszbQoXRTwsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7355253253163526979
Request Chain 313
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=50066167-2e23-4200-b5ed-83ea8910f6fa&expires=28
Request Chain 314
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWcuIwAI3Dkr6gAT
Request Chain 315
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VQVlcyTTQtMjMtR1dLSg==
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESED5k8K1GoYt7LSAx6kMIqyE&google_cver=1
Request Chain 319
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODAzYTlmNjNjZjFkOGYzY2FkNjExOTQ4OGUwMjQzODQ1YWUyZjY2NA
Request Chain 323
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWcuKXcdJmeWZh6XTy2EpQAABJ4AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWcuKXcdJmeWZh6XTy2EpQAABJ4AAAAB&dcc=t
Request Chain 324
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YWcuKXcdJmeWZh6XTy2EpgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELVeFFKYq1scvqLaT2mhQGI&google_cver=1&gdpr=1
Request Chain 325
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YWcuKXcdJmeWZh6XTy2EpQAABJ4AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOaUnrCkY_xq3LTTz6FSkVI&google_cver=1
Request Chain 327
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=17212407-78fc-4f88-ac15-1af53dbd5bea
Request Chain 328
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634238377&gdpr=1
Request Chain 329
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YWcuKXcdJmeWZh6XTy2EpQAA%261182?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YWcuKXcdJmeWZh6XTy2EpQAA%261182?gdpr_consent=&us_privacy=&gdpr=1

332 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 8mgfm8k4
anotepad.com/notes/ 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://anotepad.com/notes/8mgfm8k4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
207.244.104.157 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
anotepad.com
Software
Microsoft-IIS/8.5 /
Resource Hash
39635ca85c2a296acd8b9a656a0865e68d96a1c3f8853882e90f0f02d69dc437
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
anotepad.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
Date
Wed, 13 Oct 2021 19:06:08 GMT
Content-Length
5169
js
www.googletagmanager.com/gtag/ 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-8870545-1
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9e1fdb1ea85275831affe13cf72a4ee6166b19ab02e60794ded6e7232dac63fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38579
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Oct 2021 19:06:10 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://anotepad.com/
Origin
https://anotepad.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
14995586
cdn-cachedat
2021-04-23 07:18:34
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
f5c7c3d0862c0081497e5f86ecb14a19
cf-ray
69dad7f6094418e5-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
site-css
cdn.anotepad.com/bundles/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.anotepad.com/bundles/site-css?v=CZ4oNS7H5ccbxtJz5ubVUmeoRG_0LsB0TrEWnjgYtm81
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-102.dus51.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
7f941b8c4190696ffe563cd65d648faee92c126c608c71e2b0bfa1a3b2129a1e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 05:03:50 GMT
content-encoding
gzip
last-modified
Thu, 07 Oct 2021 05:03:50 GMT
server
Microsoft-IIS/8.5
age
568939
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control
public
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
FHPMTvTzSTjW8wDHJj0EfEKPJekfL1S5w55Fxbp-1Ih0bekWtM1YGA==
expires
Fri, 07 Oct 2022 05:03:50 GMT
cls.css
a.pub.network/core/pubfig/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/cls.css
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d510e16e6e569e573980fd67a55221795d539fd56688ecaca8d284255e86ee6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=kjwd8A==, md5=KtQsmezne0blpCqFIHo3UA==
date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdtrTevFbk7Vu7N60aMsgamGhbdQmHleKw983OPNQA6YmPgC6SWLjwiTnWzvvyaQaxBvFbrvPHDQjSwaS2nW0BI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
text/css
last-modified
Tue, 11 May 2021 20:31:48 GMT
server
cloudflare
etag
W/"2ad42c99ece77b46e5a42a85207a3750"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwWLwfLBiIVl4N4NdZTdYxr%2FW%2FFPKfm8LjpRy95CkA5mGccsbqqbCUo%2BIvRqXREXMxK60ih1qg4%2BXVH9T0KjsoMu0aG6tASvFS700X9KfbTkgi34HsQWJSOjf97oc%2Bw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620765108454625
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1752
cf-ray
69dad7f61d0a4e5b-FRA
expires
Wed, 13 Oct 2021 19:16:57 GMT
anotepad.svg
cdn.anotepad.com/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.anotepad.com/images/anotepad.svg
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-102.dus51.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
00a1081b52175533a7f3b857f50cd13add6909e438464b56998e51d827ada440
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 15:28:41 GMT
content-encoding
gzip
last-modified
Sat, 13 Feb 2021 21:52:25 GMT
server
Microsoft-IIS/8.5
age
99447
x-frame-options
SAMEORIGIN
etag
W/"8fdbe283522d71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
3wNBVB9kFCEiN7T7PtN5ZciIyGzSDe4_lD76pBXlEcXsGKHIaS74lg==
pubfig.min.js
a.pub.network/anotepad-com/ 		118 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/anotepad-com/pubfig.min.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d60560d22e6264effb7f9b776f7e377ec41642d25d7e123f7b0ee603d83e6385

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=ak2NYQ==, md5=0SW6aby1062PgdbKZ4Nmzw==
date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdv8S2LUSLjtFUAaunvr3ohN0bZ5qtHKVcR4huVOMwQ2cwvqcGOQHLOcwGrNv-KfAvEbXYOrSyWY0URbZXazTg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Fri, 08 Oct 2021 17:19:50 GMT
server
cloudflare
etag
W/"d125ba69bcb5d3ad8f81d6ca678366cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9tTwDQf%2FEfKQEZcS0xUuAjVqSXZa1hNRtV3T6FFSiUYEBtUqG2Ho%2FMtxEUf0SQb2%2FQFLUDtomcyeiFEUfsn067yHcZTHmbkbqOz71xCnEjC7tikFxSHEOCgkdfbWjw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1633713590172745
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
120818
cf-ray
69dad7f61d0d4e5b-FRA
expires
Fri, 08 Oct 2021 17:21:28 GMT
badge_applestore.png
cdn.anotepad.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.anotepad.com/images/badge_applestore.png
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-102.dus51.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
7f9164a13476744c911fea7dbab9a2924750f69f82ec1d51d2a09e64638952c0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 23:49:58 GMT
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
last-modified
Sun, 12 Jan 2020 18:32:03 GMT
server
Microsoft-IIS/8.5
age
501371
etag
"82bdb9576c9d51:0"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
3050
x-amz-cf-id
8eoNqJuC1vJXNAHwo7eJ4KTuuJ8t2weKp-vJUkajlRRpbhRrLVBIqA==
badge_playstore.png
cdn.anotepad.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.anotepad.com/images/badge_playstore.png
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-102.dus51.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
f45f42097ab97da2bd3034f5f7331e2283a38f7147638825cd71912fe8dcbbb6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:18:55 GMT
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
last-modified
Sun, 12 Jan 2020 18:32:03 GMT
server
Microsoft-IIS/8.5
age
144604
etag
"bf8eda9576c9d51:0"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
3709
x-amz-cf-id
2OBQ-CLiM97bcY64rCuW867jPWRYgNjRu48gf5MdIAw7DUpbgI8Sew==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:26:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Thu, 13 Oct 2022 16:26:07 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 		248 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
546758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67948
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Fri, 07 Oct 2022 11:13:32 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/3.4.1/js/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://anotepad.com/
Origin
https://anotepad.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
14995585
cdn-cachedat
2021-04-23 06:11:59
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ce0ee7c1deeabc2fccc7eb3e522a42fd
cf-ray
69dad7f6094618e5-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
site-js
cdn.anotepad.com/bundles/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.anotepad.com/bundles/site-js?v=kttB7rWa1OhJrZEQB_jo6c8DT7h4Y8UywN47d92TrNQ1
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-102.dus51.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
ca4a64f25051d73e715e78148b0d5e8f9b9bcc30d1f7555ac7739fb69fc919c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 05:28:01 GMT
content-encoding
gzip
last-modified
Tue, 13 Jul 2021 05:28:01 GMT
server
Microsoft-IIS/8.5
age
7997889
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control
public
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
Iz6VG6iJ59YgoZXfPCUvMDteBjS3p8oucgx7e9ufml6VdHPhJ3wTOA==
expires
Wed, 13 Jul 2022 05:28:01 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-121.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Wed, 13 Oct 2021 19:06:10 GMT
x-host
s7.addthis.com
content-length
116325
icon_addthis.svg
cdn.anotepad.com/Images/ 		347 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.anotepad.com/Images/icon_addthis.svg
Requested by
Host: cdn.anotepad.com
URL: https://cdn.anotepad.com/bundles/site-css?v=CZ4oNS7H5ccbxtJz5ubVUmeoRG_0LsB0TrEWnjgYtm81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-102.dus51.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
39c6ec590be39bedd2592cbd4130f22e0d758b15ccb5c4be6f3569ce29df3247
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.anotepad.com/bundles/site-css?v=CZ4oNS7H5ccbxtJz5ubVUmeoRG_0LsB0TrEWnjgYtm81
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 20:55:25 GMT
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
last-modified
Sun, 14 Feb 2021 19:56:45 GMT
server
Microsoft-IIS/8.5
age
425443
etag
"b322f485b3d71:0"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604800
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
347
x-amz-cf-id
ww_mqJj9VHFWK_rUv0DMvngZqIDcFTAi-7vCVh5H00M1c7IdIePHVQ==
init
d.pub.network/v2/ 		24 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/init?siteId=2321&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/anotepad-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
41cb25ed917ce280cfeb5f5a41fc8be429fcf924173d92c3fef0edf95f872163

Request headers

Accept
application/json, text/plain, */*
Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
loadcomment
anotepad.com/note/ 		523 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://anotepad.com/note/loadcomment
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
207.244.104.157 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
anotepad.com
Software
Microsoft-IIS/8.5 /
Resource Hash
c4cbcc68d7a949e09034b1bdf19f4da6d9727b7f0d91bfaa146579d84d027f25
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
cors
Origin
https://anotepad.com
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
fsbotchecked=true
Connection
keep-alive
Content-Length
19
Pragma
no-cache
Host
anotepad.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://anotepad.com/notes/8mgfm8k4
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://anotepad.com/notes/8mgfm8k4
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 13 Oct 2021 19:06:08 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Content-Length
360
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-154.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=54796
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8870545-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Sep 2021 21:34:48 GMT
server
Golfe2
age
3904
date
Wed, 13 Oct 2021 18:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19887
expires
Wed, 13 Oct 2021 20:01:06 GMT
collect
www.google-analytics.com/j/ 		2 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=490125532&t=pageview&_s=1&dl=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&ul=en-us&de=UTF-8&dt=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1936510871&gjid=2030834990&cid=1441146338.1634151970&tid=UA-8870545-1&_gid=624907572.1634151970&_r=1&gtm=2ouab0&z=894856094
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-56846750fb16a611/ 		166 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-121.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
gzip
etag
659743217
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=32, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
154
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=61672e229dbaa986&bkl=0&bl=1&pdt=536&sid=61672e229dbaa986&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2F8mgfm8k4&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1634151970482&jsl=1&uvs=61672e22c4ec4af2000&skipb=1&callback=addthis.cbs.jsonp__67350745116583320
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-121.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
19dde9d1e3e5bc2362fe50ac24c84279f68223d2e4a4cb5eb13fcd5dd560e497

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:10 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame D3FB 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 72A1 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-121.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
etag
W/"5f971164-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Wed, 13 Oct 2021 19:06:10 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
collect
stats.g.doubleclick.net/j/ 		2 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-8870545-1&cid=1441146338.1634151970&jid=1936510871&gjid=2030834990&_gid=624907572.1634151970&_u=YEBAAUAAAAAAAC~&z=178957825
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 13 Oct 2021 19:06:10 GMT
content-type
text/plain
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/anotepad-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-52.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 02:23:39 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
60161
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
jBvHRvIhAmr9nYHN--TqlonXQKFfotXPZPuCt1J8Wh6o3S42JAZRHA==
pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
a.pub.network/core/pubfig/ 		324 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/anotepad-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29d1e5453401263d835235fd249bf5891fbc3ffcecd82cc3fed01f7b79770d5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=lx9SPQ==, md5=fPs/gsJe0WJAnr2cqv0P+A==
date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycduEG-yFSJzvwIab3BAcmwgszvhe3H76aIbhSZQDIBh2d6NRiuYThmE9i1XH1coOD7eshbyp5lerAZr1ck09RPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
cf-ray
69dad7f7b8844e5b-FRA
last-modified
Fri, 08 Oct 2021 15:29:24 GMT
server
cloudflare
etag
W/"7cfb3f82c25ed162409ebd9caafd0ff8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8d%2FcwYUemkuIPC07X7PVtC1lC2AKidbFsQqiQ5cOepj51nby4HyHHbd06mdH0KnBI3ZiV9RPSKqPxOQKJQnkLLFdeCN7DS%2Bdn5hUHf0DP9pcw4ofbdefGxdPF44vNc%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1633706964029958
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
332200
content-type
application/javascript
expires
Fri, 08 Oct 2021 18:19:53 GMT
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-8870545-1&cid=1441146338.1634151970&jid=1936510871&_u=YEBAAUAAAAAAAC~&z=1416350799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f132.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pandg-sdk.js
pghub.io/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 04:11:29 GMT
content-encoding
gzip
age
53681
x-guploader-uploadid
ADPycdtH_Ao_JrASYespLZ_zyITguleUATKwB-t35cYUp_1YUj9jjhGyDn0WzjJ9EY9cWsNO6-rReJmLKhzjpcG6vS4
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1482
x-goog-meta-
last-modified
Wed, 07 Apr 2021 18:40:01 GMT
server
UploadServer
etag
"dd7e4933d35d1a7cb610442e9bea8b94"
vary
Accept-Encoding
x-goog-hash
crc32c=dtXWGA==, md5=3X5JM9NdGny2EEQum+qLlA==
x-goog-generation
1617820801121016
cache-control
public,max-age=3600
x-goog-stored-content-length
1482
accept-ranges
bytes
content-type
application/javascript
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
db6b891d30969b23b48a2c0b7c78ba3c102473280fe008f34ba0a2e40b5ed15f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1015 / 891 of 1000 / last-modified: 1634151087"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27145
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Oct 2021 19:06:10 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
110 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e158993abf3136f7d9c35ea1ace32e2a2add10adcc544937eab9c72f2711b8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
69dad7f8e9151756-FRA
date
Wed, 13 Oct 2021 19:06:10 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2899
etag
W/"83f37fa84f8640acec4a3d5feb0e0227"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URdPBHYeMJAY69P2nif3Ua086xbRpp2puv0Bdg80BacuhyFqT%2BfFWTMg0EqWgudrTT11g%2FoK1GhIIx%2F6DwPbISX%2FwNu7KZml8NDxMSML5H%2FxUlM4cXFYGIMdRdQ2uA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
content-encoding
br

Redirect headers

date
Wed, 13 Oct 2021 19:06:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kx3Nk9Kws2H1G%2F17oXI9S%2FgWMte%2FCYA6%2FO3evCgnfirwShDXyDqvwa7xKxQPATNJbfKAqz5c7rEVwhc917mxDPOaggaKbgi3rr%2FpQ%2FN%2F%2FOpqqJdtDQCpdUEV3iHS9ePaWPjXl%2BhAiNEu9avS5Mjd1g%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
69dad7f89f6d4131-PRG
expires
Wed, 13 Oct 2021 20:06:10 GMT
prebid-analytics-4.42.6.js
a.pub.network/core/ 		454 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-4.42.6.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c9adacf90f2c434aef36301ba50b24bfe9b10651508fd1ff8880247106872c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=/naSAQ==, md5=kgFsZ5XU+mBrDiHSNTa40w==
date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdsW8OLHl2jOFVT8Kq_jVKE_rYqivW4cjreyK0smw2vWVVr1ymiLDwhZGu906-B1WIpajV_Qx8yXI2SEsaKYbSkjEJddPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
cf-ray
69dad7f839d34e5b-FRA
last-modified
Thu, 05 Aug 2021 15:36:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5Nhet2A72o5E93yzYu0p1KKM0QVZtkHcXjANV9cyC0q8Zvnpdy5Z0ElLZs16%2B36ZhIk%2FFrl3L6GKQJGuIhH5qDbhVh%2FNlLAdf82XCy65y5pwl2PhGe86x5AFQPqGL8%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1628177807921390
access-control-expose-headers
*
cache-control
private, max-age=86400
x-goog-stored-content-length
464928
content-type
text/html
expires
Thu, 13 Oct 2022 17:20:01 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1634151970602&ns_c=UTF-8&cv=3.5&c8=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&c7=https%3A%2F%2Fanotepad.com%2Fnotes...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1634151970602&ns_c=UTF-8&cv=3.5&c8=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&c7=https%3A%2F%2Fanotepad.com%2Fnote...
64 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1634151970602&ns_c=UTF-8&cv=3.5&c8=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&c7=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-52.dus51.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:10 GMT
via
1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
fqOg9lcyXyDt_DZNcjPnToyoue4YmM-N3Av8WvHNA2zOBRvAZ4YEaw==

Redirect headers

date
Wed, 13 Oct 2021 19:06:10 GMT
via
1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1634151970602&ns_c=UTF-8&cv=3.5&c8=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&c7=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&c9=
content-length
235
x-amz-cf-id
6aQqopRztG_zRbAKrUSflXnFgwdSkDcDY8rQOVE010d3Yz4s4FlEgg==
pubads_impl_2021100701.js
securepubads.g.doubleclick.net/gpt/ 		366 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
74e0705ba9740aea8c7f1f7a8e582ae656c55e1c8d047b212683fadb5e623fa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126551
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 08:38:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Oct 2021 19:06:10 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		90 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=anotepad.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8a152fa7d63042de67cd9f5f88a298cb1745da2f35510fadade49f651de13dc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81
x-xss-protection
0
expires
Wed, 13 Oct 2021 19:06:10 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
685 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 04:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51346
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Oct 2021 04:50:24 GMT
px.gif
ad-delivery.net/ 		43 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.407793186498399
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Wed, 13 Oct 2021 19:06:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
134
x-guploader-uploadid
ABg5-UzSZ-Kt1WbGdd88HlCnZf7YcJGLu-DR5tPwPS9bXoxAsvJYwt4jGn6LAHoZbG34sctt0vecv7iFCJZExLBCcbRvF7nEjw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bMkkqix76UVVNHL3PjK53ZIm%2Fzvh902M%2Bp%2BuAASyTlUhEHxx0%2FWfTpt%2Fn%2FvFBpMycRvywKFbcv9J6oiHS%2BOF83uOgKrZHFt1JepDw21tw4v0eZ4kS0C944IYyhJTqiegQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
69dad7f929cd5b7a-FRA
expires
Wed, 13 Oct 2021 19:45:22 GMT
op.js
tagan.adlightning.com/freestar/ 		59 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/op.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-24.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03357e64ce1abe69e09ec26ec18fcc7d46b47c886733e4d2efe0a1f50a8f6e17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
McdH5MkW_SEl1iEOmNqDbRShwQRxesTS
content-encoding
gzip
etag
"3d42d58b3b42a10c6cf570a5bfb56644"
age
2033
x-cache
Hit from cloudfront
content-length
24567
x-amz-meta-git_commit
7b120a5
last-modified
Tue, 12 Oct 2021 13:46:46 GMT
server
AmazonS3
date
Wed, 13 Oct 2021 18:32:18 GMT
content-type
application/javascript
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
7WCC82NqLqg3gGurnLZd2ZBeqPXBVwZ8wkdXM7lei1rZkxbZccOtwA==
pv
api.btloader.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=XUXDmRI4Im&w=5749887104712704&o=5714937848528896&cv=2.0.2-2-gfdc9054&r=false&pageURL=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Oct 2021 19:06:10 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
clear
via
1.1 google
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
gzip
etag
"XUylRaJiJNdi08iU32oNYQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 20 Oct 2021 19:06:10 GMT
freestar.js
dggaenaawxe8z.cloudfront.net/ic/audiencesegment/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dggaenaawxe8z.cloudfront.net/ic/audiencesegment/freestar.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.242.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da3c5a2e809324e17c200da5501c0504fa5abe3acbd74dc7b53f4d61a06b66c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 04:17:47 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 04:14:50 GMT
server
AmazonS3
age
53304
etag
W/"875dd76c5784ab5abc64ac0e780a24ae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
0WVVCVax5QDEjfjg4QSeFyDr_XOYvAk6wRYn8orMnmJCfCY12Dmyeg==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
arj
freestar-d.openx.net/w/1.0/ 		173 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=08125a1a-59a1-4042-b75b-4ccbb7b1f392&nocache=1634151970838&pubcid=09e0592b-6e94-4c2e-b800-bc290207e5e5&schain=1.0%2C1!freestar.com%2C1036%2C1%2C%2C%2C&aus=728x90%2C970x90&divids=anotepad_adhesion&aucs=%252F15184186%252C21641952176%252Fanotepad_adhesion%252Fanotepad_adhesion&auid=539181725
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
1a682828281f9fb726ae86df4806749876d584f6c38928f088a04828c4d80a1a

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
gzip
server
OXGW/16.217.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://anotepad.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		65 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cNQLIgg3Or7iD1aKlKyvbs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
a35ef16718abb35df0887bcc5c7b49eed91e0604d5594bad347846bc59993496

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		65 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cNQLIgg3Or7iD1aKlKyvbs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d35e9ff7b6333910cedef6d54c93a010d3ea782a54424b902dc4e8cb964bc53c

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		65 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cNQLIgg3Or7iD1aKlKyvbs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
30ce1b3726b3649359e42cbdec0beece95f3a7b5e72d4820929a6f715d7219e0

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.116.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-116-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Wed, 13 Oct 2021 19:06:10 GMT
access-control-allow-credentials
true
vary
Origin
prebid
ads.yieldmo.com/exchange/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.42.1&p=%5B%7B%22placement_id%22%3A%22anotepad_adhesion%22%2C%22callback_id%22%3A%22100e29be1211019%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%7D%5D&page_url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&bust=1634151970842&pr=&scrd=1&dnt=false&description=aNotepad.com%20is%20your%20online%20notepad%20on%20the%20web.%20It%20allows%20you%20to%20store%20notes%20on%20the%20GO%20without%20having%20to%20Login.%20You%20can%20use%20a%20rich%20text%20editor%2C%20sort%20notes%20by%20date%20or%20title%20and%20make%20notes%20private.%20Best%20of%20all%20-%20anotepad%20is%20a%20fast%2C%20clean%2C%20simple%20to%20use%20and%20FREE%20online%20web%20notepad.&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=09e0592b-6e94-4c2e-b800-bc290207e5e5&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221036%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.232.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-232-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
pragma
no-cache
date
Wed, 13 Oct 2021 19:06:11 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
cdb
bidder.criteo.com/ 		0
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.42.1&cb=13153930117
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Wed, 13 Oct 2021 19:06:09 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		138 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
787116c5ad8ef6cf6dad39e648c1fa029d3c9edc936b5e3727e492fefc9758e8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:10 GMT
X-Proxy-Origin
216.131.114.109; 216.131.114.109; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
18ba3bcf-e64b-4d30-9d71-dac15704d760
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://anotepad.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9694120174744413194708f0170a00&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
2559f5eef5639041de7068e61f60bfd08fdf8128ac6bf64876377416d8953395

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Oct 2021 19:06:10 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9698b40175759a19619dee240d0031&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
655631c663058b15595742823ab8a838b415dda58b5e2727f6cc8907104703d0

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Oct 2021 19:06:10 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Wed, 13 Oct 2021 19:06:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		568 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=2177788&size_id=2&alt_size_ids=55&rp_schain=1.0,1!freestar.com,1036,1,,,&rf=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&tg_i.name=anotepad-com&tg_i.domain=anotepad.com&tg_i.cat=IAB5&tg_i.sectioncat=IAB5&tg_i.pagecat=IAB5&tg_i.page=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&tg_i.fs_ad_product=stickyFooter&tg_i.dfp_ad_unit_code=15184186%2C21641952176%2Fanotepad_adhesion&tg_i.pbadslot=15184186%2C21641952176%2Fanotepad_adhesion%2Fanotepad_adhesion&tk_flint=pbjs_lite_v4.42.1&x_source.tid=08125a1a-59a1-4042-b75b-4ccbb7b1f392&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.20564494499889396
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e9072a5beab750c324a03039ba66828e3dc768c990cf80b894d209d74fc9d920

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:11 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://anotepad.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
568
Expires
Wed, 17 Sep 1975 21:32:10 GMT
hbjson
grid.bidswitch.net/ 		2 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://anotepad.com
Date
Wed, 13 Oct 2021 19:06:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Length
2
Content-Type
application/json; charset=UTF-8
cygnus
htlb.casalemedia.com/ 		25 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676941&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2227403dfc6497089%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221036%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22287556812bbf6c3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%2C%22sid%22%3A%22728x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C21641952176%2Fanotepad_adhesion%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222906dbbc6761b7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%2C%22sid%22%3A%22970x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C21641952176%2Fanotepad_adhesion%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f2851c9f31a30e8744129c5fed3319b0b2c1769e35b8e9272bc72f46e2627e24

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:11 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.109], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://anotepad.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Wed, 13 Oct 2021 19:06:11 GMT
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1634151970850&secure=true&version=9&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&measurable=true&bids[0][bidId]=31c1a40b0a42d2b&bids[0][config][property]=5c3404d83e048a00261ad27f&bids[0][config][zone]=anotepad_adhesion&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&property=5c3404d83e048a00261ad27f&foo
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.147.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-147-122.compute-1.amazonaws.com
Software
/ Express
Resource Hash
41d43d8ed3eef60e6893cb833691b0dce72210ae423a0a8612da786af079bce2

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:11 GMT
x-powered-by
Express
etag
W/"38-sw+5TQ9lMGn8evLl0DNBG4gNZ7I"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
date
Wed, 13 Oct 2021 19:06:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdvc6wdj3QRU7v2ElxAwAXCq5Ip5cNmBjWMcv6OyV2m9jnO_q4AF54RXzcA3OTi5vhshBfgaUAzclHoTTRi6ul0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
server
cloudflare
etag
W/"326d6cbd977657e1205bd616d1f2faca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFI%2FDQuck32ZR5VYOXtzw3%2B6nCQTyHfS8yP4EONblXo5agGiYjFd%2BPBV%2BcB5xFYOm%2BS9RNDwqK7KUV8dEdUyKtvg7%2BNmWuPeejnaQcPcrH6urUCXLbu%2Bh3%2FGIM7Plr0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1599584677716817
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1193
cf-ray
69dad7f9dd754e5b-FRA
expires
Wed, 13 Oct 2021 19:02:32 GMT
b-7b120a5-b3bdc5bb.js
tagan.adlightning.com/freestar/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-7b120a5-b3bdc5bb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-24.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
922851ab1a5fce51fbdb9306f1329bf8e80919b6c443b38792b183da23d15314

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 04:56:59 GMT
content-encoding
gzip
age
3506952
x-cache
Hit from cloudfront
content-length
28519
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 16:44:53 GMT
server
AmazonS3
etag
"740bb6532e59e4676cc74228cc09fc36"
x-amz-version-id
7vSoDick1OFIZRTjmPdylyGMRRN80fGd
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
wRFDclIrVpontwDzBYyl4YoaIJkH2yEMU6MDj0-AR-iLaPf1n1fHtA==
bl-e1f86f1-b76b56dd.js
tagan.adlightning.com/freestar/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-e1f86f1-b76b56dd.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-24.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
812120e5ae14c01f8e582a6f65d8edd5be512183469167e1b4aa44babf4f16fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 14:07:53 GMT
content-encoding
gzip
age
104298
x-cache
Hit from cloudfront
content-length
20181
x-amz-meta-git_commit
e1f86f1
last-modified
Tue, 12 Oct 2021 13:45:57 GMT
server
AmazonS3
etag
"5eb30c80051cf1068fd5977c36ebf0e1"
x-amz-version-id
spQNSK2k7inCQ_SvbouhGWqjPSU15D2l
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
C8JcxNtmDlACBJfKDf1HYGt5PqjYFTjZ3H8MOKnL0K9lP5Do9kIMsQ==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
womptv2nm.js
cdn.krxd.net/controltag/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/womptv2nm.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1023fc5b7b2cb762dd4ad14fcf4787fa945fca4a37518cd0d6b411c248dc201

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Wed, 13 Oct 2021 19:06:10 GMT
via
1.1 varnish, 1.1 varnish
age
254
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3716
x-served-by
config-service-a002-ash-prod.krxd.net, cache-bwi5153-BWI, cache-hhn4054-HHN
x-response-time
0
x-do-esi
esi
x-timer
S1634151971.990346,VS0,VE0
etag
"fa213313d0f749c73627133b4ab4942a6489b2c7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 86
logs
uat5-b.investingchannel.com/ 		0
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat5-b.investingchannel.com/logs?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Requested by
Host: dggaenaawxe8z.cloudfront.net
URL: https://dggaenaawxe8z.cloudfront.net/ic/audiencesegment/freestar.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.27.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-27-215.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.12.v20180830) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
server
Jetty(9.4.12.v20180830)
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
logs
uat5-b.investingchannel.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://uat5-b.investingchannel.com/logs?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Protocol
H2
Server
52.57.27.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-27-215.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.12.v20180830) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://anotepad.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 13 Oct 2021 19:06:10 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
access-control-allow-origin
https://anotepad.com
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
server
Jetty(9.4.12.v20180830)
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 18:46:02 GMT
content-encoding
gzip
age
1209
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 5b9a6276a0cfe21df57da85d975de2dd.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
9Ot3kUWg1MY_m1W9zRnUB4aMWjuF1PFl4DVwE-CZeEgstlf-VFOFjA==
cygnus
htlb.casalemedia.com/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676941&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2232236629695022%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221036%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22338f85ca1a001f2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%2C%22sid%22%3A%22728x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C21641952176%2Fanotepad_leaderboard_atf%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2234fa81daacc4df1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%2C%22sid%22%3A%22970x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C21641952176%2Fanotepad_leaderboard_atf%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22359920b3d84933a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%2C%22sid%22%3A%22300x250%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C21641952176%2Fanotepad_leaderboard_atf%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22367dead83c97017%22%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%2C%22sid%22%3A%22970x250%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C21641952176%2Fanotepad_leaderboard_atf%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2237cb3d3c5fee4b8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%2C%22sid%22%3A%22336x280%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C21641952176%2Fanotepad_leaderboard_atf%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22381cf2f3544a98d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%2C%22sid%22%3A%22728x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C21641952176%2Fanotepad_leaderboard_btf%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223929dfe9fc209a2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%2C%22sid%22%3A%22970x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C21641952176%2Fanotepad_leaderboard_btf%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22409fb9715528e2c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%2C%22sid%22%3A%22300x250%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C21641952176%2Fanotepad_leaderboard_btf%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2241f6673e8003fa7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%2C%22sid%22%3A%22970x250%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C21641952176%2Fanotepad_leaderboard_btf%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2242507250ae0c796%22%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%2C%22sid%22%3A%22336x280%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C21641952176%2Fanotepad_leaderboard_btf%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c7b3818acee15b65e636d1c8f2581f30af6d3e9958e110162eea6606426f2dd2

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:11 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.109], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://anotepad.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
9640
x-ak-client-geo
12
expires
Wed, 13 Oct 2021 19:06:11 GMT
cdb
bidder.criteo.com/ 		0
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.42.1&cb=98050941735
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Wed, 13 Oct 2021 19:06:10 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ 		35 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
919727cb167ed24ef364bcd297ffba4502a429638d8b786738724850d494363f

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Wed, 13 Oct 2021 19:06:09 GMT
content-encoding
gzip
x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		250 B
930 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
06a4e715241e257811d0814deb54b98c3588c5074d06acb10a4a5376273ea1fb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:11 GMT
X-Proxy-Origin
216.131.114.109; 216.131.114.109; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5f422909-b409-4b79-ab91-51bd180ad9b2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://anotepad.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
freestar-d.openx.net/w/1.0/ 		173 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6fd5d68f-6d76-4211-8176-648f37cbdc91%2C3e1369f4-8cff-4a06-8391-3e61d761b6cf&nocache=1634151971126&pubcid=09e0592b-6e94-4c2e-b800-bc290207e5e5&schain=1.0%2C1!freestar.com%2C1036%2C1%2C%2C%2C&aus=728x90%2C970x90%2C300x250%2C970x250%2C336x280%7C728x90%2C970x90%2C300x250%2C970x250%2C336x280&divids=anotepad_leaderboard_atf%2Canotepad_leaderboard_btf&aucs=%252F15184186%252C21641952176%252Fanotepad_leaderboard_atf%252Fanotepad_leaderboard_atf%2C%252F15184186%252C21641952176%252Fanotepad_leaderboard_btf%252Fanotepad_leaderboard_btf&auid=539181725%2C539181725
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
37a61a2b1f65e5d0cdd76735704c8ff6fb4da51719a25e31e679b2d345c024e9

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:11 GMT
content-encoding
gzip
server
OXGW/16.217.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://anotepad.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.116.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-116-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Wed, 13 Oct 2021 19:06:11 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.116.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-116-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Wed, 13 Oct 2021 19:06:11 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.116.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-116-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Wed, 13 Oct 2021 19:06:11 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.116.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-116-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Wed, 13 Oct 2021 19:06:11 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.116.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-116-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Wed, 13 Oct 2021 19:06:11 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.116.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-116-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Wed, 13 Oct 2021 19:06:11 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.116.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-116-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Wed, 13 Oct 2021 19:06:11 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.116.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-116-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
date
Wed, 13 Oct 2021 19:06:11 GMT
access-control-allow-credentials
true
vary
Origin
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cNQLIgg3Or7iD1aKlKyvbs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
4fd83dba0f21a9793a134726c15e494e5639741f7712404a51aa0da90a37511e

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cNQLIgg3Or7iD1aKlKyvbs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
18da3d22405e33fb58a4f7baa2dbca9748dc4beccb2152267138a72cdfc6ad1a

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
fastlane.json
fastlane.rubiconproject.com/a/api/ 		676 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=2177788&size_id=15&alt_size_ids=2%2C16%2C55%2C57&rp_schain=1.0,1!freestar.com,1036,1,,,&rf=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&tg_i.name=anotepad-com&tg_i.domain=anotepad.com&tg_i.cat=IAB5&tg_i.sectioncat=IAB5&tg_i.pagecat=IAB5&tg_i.page=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&tg_i.fs_ad_product=superflex&tg_i.dfp_ad_unit_code=15184186%2C21641952176%2Fanotepad_leaderboard_atf%3B15184186%2C21641952176%2Fanotepad_leaderboard_btf&tg_i.pbadslot=15184186%2C21641952176%2Fanotepad_leaderboard_atf%2Fanotepad_leaderboard_atf%3B15184186%2C21641952176%2Fanotepad_leaderboard_btf%2Fanotepad_leaderboard_btf&tk_flint=pbjs_lite_v4.42.1&x_source.tid=6fd5d68f-6d76-4211-8176-648f37cbdc91%3B3e1369f4-8cff-4a06-8391-3e61d761b6cf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.9349455096595978
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
789c1982568cfccb43ffaf842f8d36132c06d43ca0dcd5b1473b3544bf13f9f6

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:11 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://anotepad.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
676
Expires
Wed, 17 Sep 1975 21:32:10 GMT
hbjson
grid.bidswitch.net/ 		2 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://anotepad.com
Date
Wed, 13 Oct 2021 19:06:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Length
2
Content-Type
application/json; charset=UTF-8
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9694120174744413194708f3730a02&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
da5c506770b6555bdca727b028f8934b1aadafd2c548fa257e216b4a0f92905d

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Oct 2021 19:06:11 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9694120174744413194708f0170a00&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
914afebab6b302b07f6fff89abb959a296281d0ecf9d9553a3f1574e5eda9431

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Oct 2021 19:06:11 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a969412017474441319470184320795&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
ff1397ab953ecaf1d9db1e721b1abc05c882e56d9034cd254b3fdac62c1a61ad

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Oct 2021 19:06:11 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9698b40175759a19619dee240d0031&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
6fa0da507132406b36e8885cf69e12918116bdb2163a96470e83937feff391eb

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Oct 2021 19:06:11 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9694120174744413194708f3730a02&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
3b029861bd353624a716ef3e8b82046fc0f20d73c4f82ae5d557c39aae1b3770

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Oct 2021 19:06:11 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9694120174744413194708f0170a00&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
7c7f3d82f4d447392787ff888d1b2224ce271bb691cd2909938b85d41f6ac018

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Oct 2021 19:06:11 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a969412017474441319470184320795&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
bcb11bb88ad0d7ad4e7260a29db09787a3f487623bdab2e631d519b91cd10201

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Oct 2021 19:06:11 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9698b40175759a19619dee240d0031&cmd=bid&req=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
88f495783b4c9529f3af4c7c04c728d9535bc3af700f5511c45bb25fe9d7bcd5

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Oct 2021 19:06:11 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1634151971135&secure=true&version=9&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&measurable=true&bids[0][bidId]=105deac3389ca056&bids[0][config][property]=5c3404d83e048a00261ad27f&bids[0][config][zone]=anotepad_leaderboard_atf&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=300&bids[0][sizes][2][height]=250&bids[0][sizes][3][width]=970&bids[0][sizes][3][height]=250&bids[0][sizes][4][width]=336&bids[0][sizes][4][height]=280&bids[1][bidId]=10684b1370027059&bids[1][config][property]=5c3404d83e048a00261ad27f&bids[1][config][zone]=anotepad_leaderboard_btf&bids[1][sizes][0][width]=728&bids[1][sizes][0][height]=90&bids[1][sizes][1][width]=970&bids[1][sizes][1][height]=90&bids[1][sizes][2][width]=300&bids[1][sizes][2][height]=250&bids[1][sizes][3][width]=970&bids[1][sizes][3][height]=250&bids[1][sizes][4][width]=336&bids[1][sizes][4][height]=280&property=5c3404d83e048a00261ad27f&foo
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.147.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-147-122.compute-1.amazonaws.com
Software
/ Express
Resource Hash
fe5b7f6522e28878e714d5189017d9295207fa3389eaf9d7452e27fd88282cb7

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:11 GMT
x-powered-by
Express
etag
W/"38-yJ5GvXImqgd3c27bfImK6jl1/8M"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://anotepad.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
prebid
ads.yieldmo.com/exchange/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.42.1&p=%5B%7B%22placement_id%22%3A%22anotepad_leaderboard_atf%22%2C%22callback_id%22%3A%221080b672d375f083%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B300%2C250%5D%2C%5B970%2C250%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%7D%2C%7B%22placement_id%22%3A%22anotepad_leaderboard_btf%22%2C%22callback_id%22%3A%22109c4d55fb797568%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B300%2C250%5D%2C%5B970%2C250%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%7D%5D&page_url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&bust=1634151971135&pr=&scrd=1&dnt=false&description=aNotepad.com%20is%20your%20online%20notepad%20on%20the%20web.%20It%20allows%20you%20to%20store%20notes%20on%20the%20GO%20without%20having%20to%20Login.%20You%20can%20use%20a%20rich%20text%20editor%2C%20sort%20notes%20by%20date%20or%20title%20and%20make%20notes%20private.%20Best%20of%20all%20-%20anotepad%20is%20a%20fast%2C%20clean%2C%20simple%20to%20use%20and%20FREE%20online%20web%20notepad.&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=09e0592b-6e94-4c2e-b800-bc290207e5e5&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221036%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.232.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-232-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://anotepad.com
pragma
no-cache
date
Wed, 13 Oct 2021 19:06:11 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=anotepad.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 19:06:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		96 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2014723637856242&correlator=3867613116523360&output=ldjh&impl=fifs&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211013&iu_parts=15184186%3A21641952176%2Canotepad_adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3Dtimeout%26floors_hour%3D19%26fs_placementName%3Danotepad_adhesion%26fs_ad_product%3DstickyFooter%26fsbid%3D0&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1634151971&dt=1634151971257&dlt=1634151970206&idt=556&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=1723632371&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=1441146338.1634151970&ga_sid=1634151971&ga_hid=490125532&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
904ebf3e0cbb436fc8510c6fb68fb815d85d0fff90a5696c3a206ff75a148de1
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPabi76KyPMCFZl24Aod9e0OYw&gqi=&layout=/sadbundle/%24csp%253Der3%24/8960441935629234263/728x90/banner/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPabi76KyPMCFZl24Aod9e0OYw&gqi=&layout=/sadbundle/%24csp%253Der3%24/8960441935629234263/728x90/banner/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30787
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Wed, 13 Oct 2021 19:06:11 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9F40 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 13 Oct 2021 19:06:11 GMT
expires
Thu, 13 Oct 2022 19:06:11 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/womptv2nm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Wed, 13 Oct 2021 19:06:11 GMT
content-encoding
gzip
age
1192734
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
3017321
content-length
84509
x-served-by
cache-hhn4054-HHN
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1634151971.273389,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
pixel;r=1356279498;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4;uht=2;fpan=1;fpa=P0-650376597-1634151971266;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;re...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1356279498;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4;uht=2;fpan=1;fpa=P0-650376597-1634151971266;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=anotepad.com;je=0;sr=1600x1200x24;dst=0;et=1634151971266;tzo=0;ogl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:11 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 4D0B 		805 B
826 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

:method
GET
:authority
cdn.krxd.net
:scheme
https
:path
/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

last-modified
Tue, 21 Feb 2017 17:50:54 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
cache-control
public, max-age=315360000
expires
Fri, 19 Feb 2027 17:50:50 GMT
content-type
text/html
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding
gzip
accept-ranges
bytes
date
Wed, 13 Oct 2021 19:06:11 GMT
via
1.1 varnish
age
1709931
x-served-by
cache-hhn4054-HHN
x-cache
HIT
x-cache-hits
807047
x-timer
S1634151971.313127,VS0,VE0
vary
Accept-Encoding
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
525
optout_check
beacon.krxd.net/ 		73 B
233 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.investingchannelinc.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.41.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-41-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ac828be9eacb996ccdf11871690f6b8b83aadcb4deac680f260678056051707e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=25 t=1634151971
x-served-by
beacon-n002-dub-prod.krxd.net
content-type
text/javascript
womptv2nm.js
cdn.krxd.net/controltag/ Frame 4D0B 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/womptv2nm.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1023fc5b7b2cb762dd4ad14fcf4787fa945fca4a37518cd0d6b411c248dc201

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Wed, 13 Oct 2021 19:06:11 GMT
via
1.1 varnish, 1.1 varnish
age
254
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3716
x-served-by
config-service-a002-ash-prod.krxd.net, cache-bwi5153-BWI, cache-hhn4054-HHN
x-response-time
0
x-do-esi
esi
x-timer
S1634151971.334719,VS0,VE0
etag
"fa213313d0f749c73627133b4ab4942a6489b2c7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 87
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame 4D0B 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/womptv2nm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Wed, 13 Oct 2021 19:06:11 GMT
content-encoding
gzip
age
1192734
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
3017322
content-length
84509
x-served-by
cache-hhn4054-HHN
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1634151971.343321,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
9427dd0d-835c-471c-a5db-ab01ae8a681c
consumer.krxd.net/consent/get/ 		249 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/9427dd0d-835c-471c-a5db-ab01ae8a681c?idt=device&dt=kxcookie&callback=Krux.ns.investingchannelinc.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5195609afbc1fca03f3200b50d97a90a8eb0e4652108db990a1aa9a1c9f7a0af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a002-dub-prod.krxd.net, cache-hhn4025-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1634151971.382652,VS0,VE29
content-length
199
x-cache-hits
0, 0
9427dd0d-835c-471c-a5db-ab01ae8a681c
consumer.krxd.net/consent/get/ Frame 4D0B 		234 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/9427dd0d-835c-471c-a5db-ab01ae8a681c?idt=device&dt=kxcookie&callback=Krux.ns.investingchannelinc.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe914b2850623c749a0252c42fa922e6add7ddcffa938a4e99e24528cbcee3d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a014-dub-prod.krxd.net, cache-hhn4025-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1634151971.382750,VS0,VE30
content-length
193
x-cache-hits
0, 0
get
cdn.krxd.net/userdata/ 		387 B
497 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=9427dd0d-835c-471c-a5db-ab01ae8a681c&technographics=1&callback=Krux.ns.investingchannelinc.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8408a222365247c42810574093e699b11e32d773fb94360a0263d5053b05bd2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Wed, 13 Oct 2021 19:06:11 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a017-ash-prod.krxd.net, cache-hhn4054-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1634151971.433545,VS0,VE94
content-length
292
x-cache-hits
0, 0
usermatch.gif
beacon.krxd.net/ Frame 4D0B
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2EwQVRIak8
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEHUdrj81d_SktZBs_0-MXko&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEHUdrj81d_SktZBs_0-MXko&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.41.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-41-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1634151971
x-served-by
beacon-n009-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEHUdrj81d_SktZBs_0-MXko&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 4D0B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T2EwQVRIak8
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T2EwQVRIak8&google_tc=
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEFr6_fkXorbe3dWmipKNnq8&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEFr6_fkXorbe3dWmipKNnq8&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.41.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-41-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1634151971
x-served-by
beacon-n018-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEFr6_fkXorbe3dWmipKNnq8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 4D0B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=Oa0ATHjO&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=Oa0ATHjO&gdpr=0
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=1477a98c-c8a7-46df-ac54-fc4002216f30
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=1477a98c-c8a7-46df-ac54-fc4002216f30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.41.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-41-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1634151971
x-served-by
beacon-n014-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=1477a98c-c8a7-46df-ac54-fc4002216f30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
379708.gif
idsync.rlcdn.com/ Frame 4D0B 		42 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=Oa0ATHjO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 19:06:11 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 4D0B
Redirect Chain
  • https://stags.bluekai.com/site/26357?id=Oa0ATHjO&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOa0ATHjO%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
  • https://beacon.krxd.net/usermatch.gif?_kuid=Oa0ATHjO&partner=bluekai&bk_uuid=$_BK_UUID
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?_kuid=Oa0ATHjO&partner=bluekai&bk_uuid=$_BK_UUID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.41.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-41-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1634151971
x-served-by
beacon-n007-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?_kuid=Oa0ATHjO&partner=bluekai&bk_uuid=$_BK_UUID
Date
Wed, 13 Oct 2021 19:06:11 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
p
sb.scorecardresearch.com/ Frame 4D0B 		64 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=Oa0ATHjO&rn=1634151971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-52.dus51.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
via
1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
dzK_s4WBscay0sz4PFZswSMjPr1Rk4fmH8lyzf0VJdTGfI165ocepQ==
match
ps.eyeota.net/ Frame 4D0B
Redirect Chain
  • https://ps.eyeota.net/match?bid=i0r4o4v&uid=Oa0ATHjO
  • https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=Oa0ATHjO
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnptNXhsMjh1NUZ6ekNGcFBJT3dySTMxQzB2VHdIeEVvSGpxQTROaDQ2QTQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=i0r4o4v&google_gid=CAESELPul2wpdcB2J8czFJcNJK4&google_cver=1
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=i0r4o4v&
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2417546668163973526&newuser=1&dc_rc=2&dc_mr=5&dc_orig=i0r4o4v&
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=50066167-2e23-4200-b5ed-83ea8910f6fa&dc_rc=3&dc_mr=5&dc_orig=i0r4o4v&
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26&_test=YWcuIw...
  • https://ps.eyeota.net/match?uid=YWcuIwAI3Dkr6gAT&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=i0r4o4v&&_test=YWcuIwAI3Dkr6gAT
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1
  • https://ps.eyeota.net/match?uid=1477a98c-c8a7-46df-ac54-fc4002216f30&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=1477a98c-c8a7-46df-ac54-fc4002216f30&bid=1e2n4ou
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 19:06:12 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ps.eyeota.net/match?uid=1477a98c-c8a7-46df-ac54-fc4002216f30&bid=1e2n4ou
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
191
usermatch.gif
beacon.krxd.net/ Frame 4D0B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=580923692186269670
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?adnxs_uid=580923692186269670
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.41.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-41-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
cache-control
private, no-cache, no-store
x-request-time
D=25 t=1634151971
x-served-by
beacon-n019-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:11 GMT
X-Proxy-Origin
216.131.114.109; 216.131.114.109; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5e8caa27-fd8f-4739-bd03-c76d71331c15
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://beacon.krxd.net/usermatch.gif?adnxs_uid=580923692186269670
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
image.sbxx
ib.mookie1.com/ Frame 4D0B
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=247532&pid=314&xid=Oa0ATHjO
  • https://ib.mookie1.com/image.sbxx?go=247532&pid=314&xid=Oa0ATHjO
120 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=247532&pid=314&xid=Oa0ATHjO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.58.232.180 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:12 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS11
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Wed, 13 Oct 2021 19:06:15 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=247532&pid=314&xid=Oa0ATHjO
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
COR12
Content-Type
text/html; charset=utf-8
Content-Length
193
usermatch.gif
beacon.krxd.net/ Frame 4D0B
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dpubmatic%26partner_uid%3D%23PM_USER_ID
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dpubmatic%26partner_uid%3D%23PM_USER_ID&rdf=1
  • https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=4051A24A-49C2-4797-987F-724EE6681D5C
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=4051A24A-49C2-4797-987F-724EE6681D5C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.41.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-41-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
cache-control
private, no-cache, no-store
x-request-time
D=25 t=1634151971
x-served-by
beacon-n009-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=4051A24A-49C2-4797-987F-724EE6681D5C
date
Wed, 13 Oct 2021 19:06:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
398696.gif
idsync.rlcdn.com/ Frame 4D0B
Redirect Chain
  • https://fei.pro-market.net/engine?mimetype=img&du=88&csync=Oa0ATHjO
  • https://idsync.rlcdn.com/398696.gif?partner_uid=-6492044713090923506
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/398696.gif?partner_uid=-6492044713090923506
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:10 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp-eu-4.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://idsync.rlcdn.com/398696.gif?partner_uid=-6492044713090923506
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=anotepad.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 19:06:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		89 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2014723637856242&correlator=3867613116523360&output=ldjh&impl=fifs&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211013&iu_parts=15184186%3A21641952176%2Canotepad_leaderboard_atf%2Canotepad_leaderboard_btf&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C970x90%7C300x250%7C970x250%7C336x280%2C728x90%7C970x90%7C300x250%7C970x250%7C336x280&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3Dtimeout%26floors_hour%3D19%26fs_placementName%3Danotepad_leaderboard_atf%26fs_ad_product%3Dsuperflex%26fsbid%3D0%26fspbg%3Dfreestar%26freestar_path%3D%252Fnotes%252F8mgfm8k4%26freestar_domain%3Danotepad.com%26custom_bidder_size%3Dpubmatic_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.08%26hb_adid%3D1143160994ac25b4%26hb_bidder%3Dpubmatic%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3Dtimeout%26floors_hour%3D19%26fs_placementName%3Danotepad_leaderboard_btf%26fs_ad_product%3Dsuperflex%26fsbid%3D0%26fspbg%3Dfreestar%26custom_bidder_size%3Dsuperflex_970x250%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.06%26hb_adid%3Dab696bde-74b4-40aa-b7a1-7736b4bc9128%26hb_bidder%3Dsuperflex&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1634151971&dt=1634151971461&dlt=1634151970206&idt=556&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C436&adys=345%2C1535&adks=610960399%2C677789411&ucis=2%7C3&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1115x300%7C1115x300&msz=1115x300%7C1115x300&ga_vid=1441146338.1634151970&ga_sid=1634151971&ga_hid=490125532&ga_fc=false&fws=4%2C4&ohw=1115%2C1115&btvi=0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
867f961f194b5d150ed97de92a5920b39cb7426b9b9882beef7aa71003df01f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34288
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://anotepad.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=womptv2nm&_kpid=9427dd0d-835c-471c-a5db-ab01ae8a681c&_kcp_s=Freestar&_kcp_d=anotepad.com&_knifr=3&_kua_kx_tz=0&geo_country=de&geo_region=he&geo_dma=276003&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%208&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=he&_kua_kx_geo_dma=276003&_kua_kx_whistle=0&_kpa_url_path_1=notes&_kpa_url_path_2=8mgfm8k4&_kpa_domain=anotepad.com&t_navigation_type=0&t_dns=6&t_tcp=400&t_http_request=-1&t_http_response=1&t_content_ready=693&t_window_load=788&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=writpbuqo&userdata_user=Oa0ATHjO%2Cwritpbuqo&sview=1&kplt0=39860&kplt1=47346&jsonp_requests=https%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C131%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F9427dd0d-835c-471c-a5db-ab01ae8a681c%2C63%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C103
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.41.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-41-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
cache-control
private, no-cache, no-store
x-request-time
D=48 t=1634151971
x-served-by
beacon-n006-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pubfig.messaging.2.22.4.535fe0f4586de520edb0ca93a1249020044721f7.js
a.pub.network/core/pubfig/ 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.messaging.2.22.4.535fe0f4586de520edb0ca93a1249020044721f7.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf833ad810353e51902d525ca24914b6056a1c38b29b03f8315c6757d485362

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=Fyvutg==, md5=NsePhlo24I9sUjcJCDg8DA==
date
Wed, 13 Oct 2021 19:06:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycduf2-8lpovqGZ11POlVmvv5-a_lz54wW0YLlCUZH7DnqO9sKpzY2d_Y_18nrhp5evEaGL1mOe5CufWQsRiQc1vF8_M0CQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
cf-ray
69dad7fe7f8a4e5b-FRA
last-modified
Fri, 08 Oct 2021 15:29:27 GMT
server
cloudflare
etag
W/"36c78f865a36e08f6c52370908383c0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYzP9nkEy4Zyo9up%2F9T0o5020IH1z12Rys%2B%2FQ9yKmYYn6pvgltb2nkt38ETCEIlEwUFDImVpvhqCbWMhkaPs0ODXBvtlOty713nsmybmc77tYiWe3fygmJsoLpZKbHk%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1633706967497230
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
186040
content-type
application/javascript
expires
Fri, 08 Oct 2021 18:13:57 GMT
c
c.pub.network/ 		36 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.4.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
f6ceb8dacf80b688eac4bab642129b08e42f2a06868a5e245032a37fa19993e1

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
container.html
d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 06E0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 13 Oct 2021 19:06:11 GMT
expires
Thu, 13 Oct 2022 19:06:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021100701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
19a01f2044b1b1eb7b56f4d7e70498e95844a27eee6ef8ef5b48f4b0c0986659
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 19:06:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8452
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/ Frame 3099 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/index.html
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
b0d3c714f4853109713859aa132cd874d39ee06b9cf4167c7b4be0efe8a3dfc0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
content-length
870
date
Wed, 13 Oct 2021 05:25:13 GMT
expires
Thu, 13 Oct 2022 05:25:13 GMT
last-modified
Wed, 15 Sep 2021 14:56:20 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
49258
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
B26469436.313919222;dc_pre=CLmGpb6KyPMCFca43godj9oCIg;dc_trk_aid=506387288;dc_trk_cid=157683014;ord=683217727;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 06E0
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26469436.313919222;dc_trk_aid=506387288;dc_trk_cid=157683014;ord=683217727;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26469436.313919222;dc_pre=CLmGpb6KyPMCFca43godj9oCIg;dc_trk_aid=506387288;dc_trk_cid=157683014;ord=683217727;dc_lat=;dc_rdid=;tag_...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26469436.313919222;dc_pre=CLmGpb6KyPMCFca43godj9oCIg;dc_trk_aid=506387288;dc_trk_cid=157683014;ord=683217727;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:11 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26469436.313919222;dc_pre=CLmGpb6KyPMCFca43godj9oCIg;dc_trk_aid=506387288;dc_trk_cid=157683014;ord=683217727;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 06E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClnXpIy5nYbb-FJntgQf127uYBsmjuMRlnoavgrwO2tkeEAEg2tfFOWDJBqAB9Li_xQPIAQngAgCoAwHIAwiqBP4BT9BoW3IfNSw6kYk9KYlmfdCveFERDXknX43-r9jDJPOH2DC3w-mNn4VUnI6QtTa5JVSsqKNPU0TdZ0MxkTgh1ecIjXuOh19HUWqyeTLireG8oPJ2Sz2p4VMltH_qmxAtGk51JX75DpXc3wG2tcl2N0t1H_eocMopFZJE1ZWL7qWDzICqJPUkGniUjIw__mq86du42qj8m8GRx-B9KXwa90EKHdBfdNBsmba-lTDfj2smoCeTE0asiwVfxRuJedXbMU4mWAkO7N453w9_rVnUBpF4bIiOzGOIvpCAU22a-2ASf41GRNpj_tOpmUezbCOd-kroRqYJg0YX0CXwcVPABIfI8ZTZA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeZ6pGjAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwQQ06AD0ggHCIhhEAEYHYAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi0zNjA1MjU3MzYwODUzMTg1GLrIFw&sigh=DcwNQgDb4Eg&template_id=419
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 06E0 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 19:06:07 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 06E0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 19:05:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 06E0 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Oct 2021 19:06:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 06E0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 19:02:36 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 13 Oct 2021 19:06:11 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 04EC 		143 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnf2-E8aeNELiLthrv3wy6W9-VyedilFSLD2Op1ffoNed7Q85iTIWmijdr_ze0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 13 Oct 2021 18:54:37 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3099 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:24:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63693
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 14 Oct 2021 01:24:38 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3099 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 23:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 13 Oct 2021 23:30:30 GMT
lottie_light.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/ Frame 3099 		153 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/lottie_light.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
3d4fe926f70e2866ad9873c60e853ec366cd923a0c93f2965698eea72bbf16ab
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
49257
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42924
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 14:56:20 GMT
server
sffe
date
Wed, 13 Oct 2021 05:25:14 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 05:25:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7A4E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 13 Oct 2021 19:05:04 GMT
expires
Thu, 13 Oct 2022 19:05:04 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
67
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame F8AF 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f132.1e100.net
Software
GSE /
Resource Hash
cfac7eb5d2110e8d38b369957d0367a02b179529dcd322feff8ab35a2fe03f27
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Q47VxXiusemZzPw1Gt72vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 13 Oct 2021 19:06:11 GMT
date
Wed, 13 Oct 2021 19:06:11 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Q47VxXiusemZzPw1Gt72vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 06E0 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75b1fec1f7df37c8e8e3deba868a4935bb1abd71b4bd6cccf677fdc46e469fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
data.json
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/ Frame 3099 		75 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/data.json
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/lottie_light.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
84ad400cfc4d16b827aa72aeb3942b71920a59abab300ab54c411b1a138b2fb3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
49254
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9221
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 14:56:20 GMT
server
sffe
date
Wed, 13 Oct 2021 05:25:17 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 05:25:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F8AF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021100701&jk=2014723637856242&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 04EC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnf2-E8aeNELiLthrv3wy6W9-VyedilFSLD2Op1ffoNed7Q85iTIWmijdr_ze0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 13 Oct 2021 19:06:12 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 13-Oct-2021 20:06:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 13 Oct 2021 19:06:12 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 13 Oct 2021 19:06:11 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame 7A4E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:30:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
203757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 11 Oct 2022 10:30:14 GMT
img_0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/images/ Frame 3099 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/images/img_0.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
bebe46bc6e34d473754ae363d7be2509ff80e349c3e7f80cf407698ba3fb9906
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
49252
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12234
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 14:56:20 GMT
server
sffe
date
Wed, 13 Oct 2021 05:25:19 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 05:25:19 GMT
img_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/images/ Frame 3099 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/images/img_1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
d931d1e6c2e9c92c4e45f49d2b671c33115031d9eca9dc31a85a5fdf3e1d9652
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
49252
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4373
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 14:56:20 GMT
server
sffe
date
Wed, 13 Oct 2021 05:25:19 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 05:25:19 GMT
img_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/images/ Frame 3099 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8960441935629234263/728x90/banner/images/img_2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
4d9dc9a42d525f6363c5f0137f3065ccb9497639d53f8e28b3aff09a77d5f23d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
49251
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3748
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 14:56:20 GMT
server
sffe
date
Wed, 13 Oct 2021 05:25:20 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 05:25:20 GMT
container.html
d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 46E3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 13 Oct 2021 19:06:11 GMT
expires
Thu, 13 Oct 2022 19:06:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB98 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 13 Oct 2021 19:06:11 GMT
expires
Thu, 13 Oct 2022 19:06:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
date
Wed, 13 Oct 2021 19:06:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdvc6wdj3QRU7v2ElxAwAXCq5Ip5cNmBjWMcv6OyV2m9jnO_q4AF54RXzcA3OTi5vhshBfgaUAzclHoTTRi6ul0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
server
cloudflare
etag
W/"326d6cbd977657e1205bd616d1f2faca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3RzH1xr5c%2F3ZKPgPVVmxcPN4DQrgGsJwWrpDjrub9DUd%2BAuE%2BJjaNSsA9PW20i3Mmr8rAj5pFI6JuBKr4sWsPwaXb%2BzDV6GyJBTNX7OCxKL986tM8BDnADhNLonJXE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1599584677716817
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1193
cf-ray
69dad8016f134e5b-FRA
expires
Wed, 13 Oct 2021 19:02:32 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:12 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:34:24 GMT
server
nginx
etag
W/"615af4d0-1535c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 14 Oct 2021 19:06:12 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 46E3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuS-efzOV_oLUR3RuZlPlZfd_zKyIGLUYbpaFWyaYFxdZ2XwCqqC9kMi6cJp3jAH-GpBwKamiIUi-QDTWuqj1U-xGWZb1xLlg4nP3f9pGqBlf6HlFQhMHEBxy5M53AyYjTf6ObdQWA8EWnenjcUcTf61ztTjqC5L5AxA-xQ7eqHYliQbyg_hg7D2BWiTcacP_cpghUL0F2Xju_uLL2cCGA1wYjDItkNfaqpLwX-xR0xc0fpiTrNH095-vFYBjxyhqfrb7oyZeU_6qgsa5UK-CxCAzGL3JjL_MKt2vPFqg2g5_MgzPl5GwONP5Q_SmfcQuoC7Lm8qIk6-TKyxCGn2wbYCwzqv47FU8vClBdvBUrl7KlxBx1flHxcJI6vxQXy3JXLRcMhE6NBX2z9Iwadf9KdoXuPba7IxdZK1e5bH4QmNL6Nje8gQ_j6cP0gC7UZYOvVcys95GBbWtZXnwN0vkZGCxXynP3i2_bdkUvWmhsmc3gZjgprIPQ92JwhGQV5K_yz93dNXbTmYkWZ6XJVE5pd5IQgXVagcMWFiSimUGVEXMv1jYt3D-TGNmGTewj2thaxKemaVvWibVODBRswpz-QO06tsO0KayvmxLyGLnevNcva-zESFW8jw06mHnXJulfQWH3u6WMPM0aiUJtLMOHSIHjpV1n8RdYGGnsVWnYLYQ_1PO5kJ_lFxOD7hXaqYg0gtBnrzsNu3HaN58ZqP59ZME9eWqQAOYtVEp_ibMeEkAWe0KT6aIfSpX-WkycsPmJQ9MPCJfVqoQDTC1RqbugY_YhfZAbtXq7liaOgP35o7lMpJZwiC5aKBkFnNdcKkBZN0tH4qsMtI111r_zVnu9vHDLtaIjAG3r_AbTDI2yHfRteBAP5D9CWKumLpS4oupLRyBvaOo5gPMsd1rojtwnbvIhkgW9jovjgrIhfe3paLXBAHiHw2t4wVD5MolZ5u8vdGv9lPy6mzyGO7nqv98Om09lg89L8zktwnc0iJbQgZ1L24rz2Ee-Pf9qxmMmyyoSc7iYwlvfxF98evqU55v5EITOrqmLK5Znw7D6wVnQqNRo&sai=AMfl-YSa1odNZo01_h8voBGfuoANeTV8dGMOVAM3qatUVGB4A9Ymd7HLFoX9yr3m2vVS5qHoZLtaxenoFVvDOFQlkh65FCQJjBYX2OBGaHd_HgLlPADtErZ79Qwbv_lB_vSy&sig=Cg0ArKJSzPc8NU3VzD2fEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 13 Oct 2021 19:06:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 46E3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 17:46:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91188
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 12 Oct 2022 17:46:24 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 46E3 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
4b9ec88112cdc4fa1a5fdf1c25ef72fcec2bac8433e46d3563b0fd2a2c4e8a19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12879
x-xss-protection
0
server
cafe
etag
16202379683927501648
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 19:05:14 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 46E3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 19:05:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 46E3 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Oct 2021 19:06:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 46E3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 19:02:36 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 46E3 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 19:06:07 GMT
AHS_Static_300x250_FallCampaign_SpiceUpTheSeason_ShopNow_NA_NA_NA.jpg
s0.2mdn.net/8450851/ Frame 46E3 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8450851/AHS_Static_300x250_FallCampaign_SpiceUpTheSeason_ShopNow_NA_NA_NA.jpg
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
sffe /
Resource Hash
394bf8b91c1c3866ccb590356e6264a17872a240a53d953eec570bd31a446c14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 17:14:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Aug 2021 07:44:48 GMT
server
sffe
age
6730
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36366
x-xss-protection
0
expires
Thu, 14 Oct 2021 17:14:02 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EB98 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6pX5S-BWSv4fs5_mNe3rb_PVQPdlKqNYKH711QshbnDIQOIU9nUi5OR3py4Lix19g5_-p9Xs6J5qAR5BkPrCHZ5LNqHi_UZCowISCTb1dcQ5qPoIMv2pJVifIO7BuIX77cKWSTzdiMpBFLwQ2gD1rD1GdlovOEyOZPdgqXDt6vuLP_bIBp1ge-6B4T4Fy3bM8CiTTDGMd6DFdbzcQC-LleMmd1uwGZYZeWMQh-_82yoG-_IiI3cxIBRZ641Df2N0qfX57TcUvyI1UffvVR5HRLWBPtga6yTM9H7hYYBSmbymtVDxcrehsFzDLdfUyIrJcEAw6BKhWJxykMxzph7FHiaLeXOXARILIS-h3-L2a8_fhR56_IaEcHB1R6aoCKe_NmbGC2lb1WkGuHr9P6dh0q4fhTiUciv3gXEZdf4thTEapRKSfoVcDGM6fwYn6rIQeLTFqczRmiwSD6M7JnRdN5msdDDxz5BCPewRZIhc4bSqVNeyOg9MTmoimkaeItds4sws_YO76M8jTWXIyZGDXNGWtDDAbe7IMrtiOh6C7NJiQphyRbXvmIubz55eRU64yWEdR3WFsP72oc9jUM-z6-IV8w1iiH4OlF7dkbkgfFg66s01xDDbft_LRLLxTJCVd9_h2dIIXoJXHP5cyj0gErLl5jAte8Qghzfn3keJMQ1CCPXTjOzhIoJy-9eIY3gBwm6Xoary-JhTgbCJD41Y8iP0AjncVUCb6FetP04p2okz07NwPdcMeydO2yH52R8w9WDoJELoCL2GlHerZT3cGbfx-2Gef8HNA7oAAmL8WEiJxbcz0jZLXSYy7v1mHJKD1ibp5XJNKmkbCq7lPA9pXdLaO0yVk4xZfHabUV9Pk76xnzE9fhxSIsxJXpZMOQdQELOK1CWGa4ZKWsZBRdEwdLqo_Z-25gLmzhtOVBn3DJmACN8jkTe6iyut0V8Pqf3sEeZbxuuMZDsPu1zycI2V4NCO32FtLch-qk9-nAcS4FSgE1byLmW8487ayCMl7bmuplFaNItHvXk-VlvitDV2ZKlTxWU8qrNo4pnPnNsY2l5mmIUUJ&sai=AMfl-YQoEwJIzwH-QH9L1Blzr9xteF6iT8j74Dyi4WRJjLlg4Y3B3Hxc37zGqTRvqxf0_E3Rms_JYSp0ht4DgfBZIPKnc-3qyxcBnac3xSzhvkCQdaBkxW01r1F-5oMx_fEl&sig=Cg0ArKJSzIBBciQuRNtLEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 13 Oct 2021 19:06:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
AHS_Static_300x250_FallCampaign_SpiceUpTheSeason_ShopNow_NA_NA_NA.jpg
s0.2mdn.net/8450851/ Frame EB98 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8450851/AHS_Static_300x250_FallCampaign_SpiceUpTheSeason_ShopNow_NA_NA_NA.jpg
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
sffe /
Resource Hash
394bf8b91c1c3866ccb590356e6264a17872a240a53d953eec570bd31a446c14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 17:14:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Aug 2021 07:44:48 GMT
server
sffe
age
6730
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36366
x-xss-protection
0
expires
Thu, 14 Oct 2021 17:14:02 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EB98 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 17:46:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91188
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 12 Oct 2022 17:46:24 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame EB98 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
4b9ec88112cdc4fa1a5fdf1c25ef72fcec2bac8433e46d3563b0fd2a2c4e8a19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12879
x-xss-protection
0
server
cafe
etag
16202379683927501648
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 19:05:14 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame EB98 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 19:05:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EB98 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Oct 2021 19:06:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame EB98 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 19:02:36 GMT
l
www.google.com/ads/measurement/ Frame EB98 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaThbc0a6xqKfUdm2yw9BrRcjbnuAsEvRrVZPDyLRVZn11KVySnfGLN4jDTNpWyIDjehWOg_NYmgtpWThu-zlrXn1P62Tg
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame EB98 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js
Requested by
Host: d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
URL: https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 19:06:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021100701&jk=2014723637856242&bg=!PT6lPnrNAAbGFvHlxhY7ACkAdvg8WqbKsud8whor2BU0MN2iayX9qgxoinQkdYAExxeeVjGPErAzVgIAAACMUgAAAA9oAQcKANKx6A6258Xdg_5wgVgJp2xFk-MM2awHkOt_fphdPVUX-_Il8Hh-dUZizjiZRGskFuP7gOpn4B464Vu8fEWRItscytVhVpGT6sQcJ-1iFpfYkhrs4G9WyJzgOMqQ6CEoUN8GX8ZnqSPbL1sedZA3xskUZMrTzyDSBSEPiW0aaID2NlWy2ANq9Pz73nW-1gq8HywI1l8D0k8dJrVqyXuskItyaz_LjMrSpQIVr574jXkHXobCp0Y1lDutXYwYJC0EeGSRaLmMqyebG-yzTj9rQzOWfhGZAn5H20TcCfYjAf0JWeEJ_59PntCfyZgNUHYrNsvXmGW82QzUyRs0_vRptjbTG9ksLZ3PPAvpx6Ms5KRcGu2JE4UB37V78D70DC06jC4NOU_jkSYUJYthNcWVQKNbKYl2siA37lQeZXKF-68n0NMYOWDKn6EZ6W6ah-94E-_haP4Qe0MFV90kXXjPl8X3eLRsKcIAWLN2Z8L8hKhPNhrj6Wn5fyB7AAKa821SfOvGYHc3w73Y2TpIPKA9s-Fml72lfrQMKuHhZi_jub2Q9qS7PGzUS4QZi_vxkQYULJY6Ljkphuo4mYOTP1vLwXMbbs3j81stOlDgCz2L70Vp29x_1l98AxgfGjIq5Rqw_r5FvZa3s0dxaqqlgdV8x9OPXzS-geJDNBLEwWGzmAW2oZjpr625y1qSqhTHQs2fViZi_8uLJBAOIbBbMPhVeukEmBn-f2y2ESHNdjyInS6HdQIAMCau3sUgny2G4kNpQLL01o7dx1SDjegi0Im8q7uJfkZhczwFAqdu06dUwVDjvD3E8vYF7MF_wiFnOhUyMwPrHu_IgxEpMnAx8JMlN6oJI2Gxxo7hgUIpadIT8Lv8C0vMQyZQk4E1lCAziQ_xAA1xBa_LA4Dnv6br-Sac6iTYi7a9TJZ0-Smo78hf7rK8Pk-pPs93l-yk2jliC-XamAJfJbjjuXbjT760amE-ufQJzikCEQHec715fxLsgMCveKnaZky9NKDzQ6bxrC6as4bzr2uSBR2QBJOZ9V4lMU9NpW-wy8Q8O2k6oYcX-OTCNeCMU-HV2Jzf1AVVQrSB_gHlQd4-fMEMC6GGAYiAcrWn3y-28c0FDV11v5hIF-5BFB0vnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.4.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
f6ceb8dacf80b688eac4bab642129b08e42f2a06868a5e245032a37fa19993e1

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 13 Oct 2021 19:06:12 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B5A9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Tue, 12 Oct 2021 17:46:25 GMT
expires
Wed, 12 Oct 2022 17:46:25 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
91187
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0434 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Tue, 12 Oct 2021 17:46:25 GMT
expires
Wed, 12 Oct 2022 17:46:25 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
91187
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 46E3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97d55994dafdc98fa17c99c5c39197d31cec5b963819d585ba4b8c580119947a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EB98 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
721e1d56c8936ca5c30b770768b5013e0c7859bc5e9f8954ebb242e9d0079e5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
syncframe
gum.criteo.com/ Frame AE18 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=anotepad.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=anotepad.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1736
set-cookie
uid=669f4cdb-25ac-42e4-beb4-c3a78f8f3c23; expires=Mon, 07 Nov 2022 19:06:12 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Wed, 13 Oct 2021 19:06:12 GMT
content-length
4683
publishertag.prebid.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:12 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:34:24 GMT
server
nginx
etag
W/"615af4d0-1535c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 14 Oct 2021 19:06:12 GMT
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame B5A9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:30:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
203758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 11 Oct 2022 10:30:14 GMT
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame 0434 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:30:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
203758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 11 Oct 2022 10:30:14 GMT
blacklist_script.js
tagan.adlightning.com/freestar/ Frame E244 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/blacklist_script.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-24.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
812120e5ae14c01f8e582a6f65d8edd5be512183469167e1b4aa44babf4f16fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
iLtm3WArn1UQA7hZE5TQ9ishanoupQoT
content-encoding
gzip
etag
"5eb30c80051cf1068fd5977c36ebf0e1"
age
3357
x-cache
Hit from cloudfront
content-length
20181
x-amz-meta-git_commit
e1f86f1
last-modified
Tue, 12 Oct 2021 13:45:58 GMT
server
AmazonS3
date
Wed, 13 Oct 2021 18:10:16 GMT
content-type
application/javascript
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
Ga0_tA2Lby1qJ9LoTk9_nXks2PxMtDsekVlpTd_1wogofGwz2bBMLw==
blocking_script.js
tagan.adlightning.com/freestar/ Frame E244 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/blocking_script.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-24.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
922851ab1a5fce51fbdb9306f1329bf8e80919b6c443b38792b183da23d15314

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
R.x5oR3GjWAbHx1STHS0QVxqj_adXYaJ
content-encoding
gzip
etag
"740bb6532e59e4676cc74228cc09fc36"
age
86054
x-cache
Hit from cloudfront
content-length
28519
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 16:44:53 GMT
server
AmazonS3
date
Tue, 12 Oct 2021 19:12:11 GMT
content-type
application/javascript
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
dVlj3G-sBCs1sakPBUjBGGYx6XsA5_lP3LIbLl7ooqV_f4q0nzp0MQ==
AdDisplayTrackerServlet
pr.ybp.yahoo.com/ab/secure/true/imp/6WekskeMtyWnIm8CoU7ifL095vy384r4vU_-HuwKtvo47_ToER6pzp2bu-Nslt1RfKbkqHb-ZX1_KjBoqzihCTy8S6xXcB0BmzTLHHkKCJfMG2Fdyt4biPMdkiLbXUjqpcbOgmkwMFdqgVQMK4Ntci73vM2jAvMYp... Frame E244 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pr.ybp.yahoo.com/ab/secure/true/imp/6WekskeMtyWnIm8CoU7ifL095vy384r4vU_-HuwKtvo47_ToER6pzp2bu-Nslt1RfKbkqHb-ZX1_KjBoqzihCTy8S6xXcB0BmzTLHHkKCJfMG2Fdyt4biPMdkiLbXUjqpcbOgmkwMFdqgVQMK4Ntci73vM2jAvMYpPJNhECGXWYDScTbKTQTcKjDd9tcTd1yMM-NO6g0hos-yjNUm51ZkJGklHa6RKbD7B877cYYwsoJfZ5w2SSno3vS2lmJhqOC2BVvikpxiBmz0VCxQgSLtrrIt0Ypz3cYfilYqzNwlfZcmVox4sH6Rn31uACyu3f_9OG_vHfDxfyI30DEbGp2-snYTPH0N7xjrN2j6gWC3VaggG18KA63-mSYy8m9rxbUAizo9TrJRHNjwXMVxz54O3WEm15bv3L6-ciLy7DhhIWklwCI8w_7r6-yILFmIP-7T2kBOS_H9sNUNYese2DuNusud4z51GVEGieHwSXJaBypsznbj2D0lRRndSt1BgDlumUaiEyAVxP8uLkBr-KBRRqkNNIjVZpEpe6614pMHfJ3h8dpWga1im3xoTk_PzhgmcsOlgR7Kk_Z6CT-RUdDxlTLKlzyrDf6ZAzq9_eWR7bzm22ejXtSiyrjcgHwJ9E1YGMYyVrID0FaYS5ZiOIZJCbHvKyP_MKQ40cDgmTRD7ZTOCNfiuKyItSjJ_t7Ej1Lj9S8N5efORQVTul2hKUI7Ani_DCosgpPdUh2EwzcJ0CzcV0NtRUQVCgC2s7bhPuBn4uZLRnmhIdcALUdiIEY68H6SNcwe-AfXBNTFV9fONcFTVPSQlLSRwqqkP0EQ02Pyv4hO0wh6eNiunYDgOu2mPTLFSW1IhpqYPIwP_xKQfT8C9P2f6_z9CKSkl2WGQVp_Z8Vt351J9AW3oWyuSuL-RrFwccIcU6TCT7IGkR0jQeFLjxZRmMGjCvs_nGVo5aO1W_bF9G2ujdu4MS2uJQNceugCgXslOSb9hgW7h7drKwHcLWRXq5MYcaqVmTgPGwJVv2RN2alg7691N1sIcrLbTHVxB8kmoK1kYoTsdQC-fvwlVCvIJKMfLOWUBLiW3w0KpePa9R8HlTuSRvNlp8a4Xui6U7-B67FqZ_1ipgy4AX3gNTFOj4Re52R1j7B-wLgiH9L37ZJoFvuH9ZOQ6kCrZub7pxqcX5iGqB90x-t6hvbAbwaN90aQYJeM9ad4CxxkDtTX6nuvKzHfXfKqjRT1wQQ_0Lf4v_AVBztwcVaMrZMxpD-mC1dZhHWPqzW0vXIzLTWEytU6sMHIAiSPN-iCblkqRbyPR_ZNDt85ZVQ3NxopfiA9EC6kX0mKXlBJpL9ew1ouTSlk69XDbyN2WyMf1YcR04ju1YI9342oYdfzPOF70hUxtPZTeoa0fmX6_MKKmKcQj_zlWEBdpesR9VfnNiDl_7w7M-Z/wp/0.024669/pclick/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NSZrYWRzaXplaWQ9OSZ0bGRJZD00MjI5NTc1NCZjYW1wYWlnbklkPTIzMDI2JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0zMjc0MzE5NjU2NzYzMDk5NzQ2JmFkU2VydmVySWQ9MjQzJmltcGlkPTUyMzFGMDI0LUNCMDgtNDc5OS1BQjUzLTgyQ0Y4MURENjNDNyZwYXNzYmFjaz0w_url=
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
7284fb1f16b44072acda2a8e8651f8d65d7d27893040c8cb67b81dad776bb134
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:12 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
text/javascript
x-xss-protection
1; mode=block
expiry
Thu, 01 Jan 1970 00:00:00 GMT
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
content-length
2854
x-content-type-options
nosniff
blacklist_script.js
tagan.adlightning.com/freestar/ Frame 1099 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/blacklist_script.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-24.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
812120e5ae14c01f8e582a6f65d8edd5be512183469167e1b4aa44babf4f16fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
iLtm3WArn1UQA7hZE5TQ9ishanoupQoT
content-encoding
gzip
etag
"5eb30c80051cf1068fd5977c36ebf0e1"
age
3357
x-cache
Hit from cloudfront
content-length
20181
x-amz-meta-git_commit
e1f86f1
last-modified
Tue, 12 Oct 2021 13:45:58 GMT
server
AmazonS3
date
Wed, 13 Oct 2021 18:10:16 GMT
content-type
application/javascript
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
2ucZcPsjnWDqzlrcQvvgHT_BRY0Zjvzlw9Y-6y_pCsEFcHcETaDh0w==
blocking_script.js
tagan.adlightning.com/freestar/ Frame 1099 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/blocking_script.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-24.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
922851ab1a5fce51fbdb9306f1329bf8e80919b6c443b38792b183da23d15314

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
R.x5oR3GjWAbHx1STHS0QVxqj_adXYaJ
content-encoding
gzip
etag
"740bb6532e59e4676cc74228cc09fc36"
age
86054
x-cache
Hit from cloudfront
content-length
28519
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 16:44:53 GMT
server
AmazonS3
date
Tue, 12 Oct 2021 19:12:11 GMT
content-type
application/javascript
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
N_iW_uXFjK3dWKoKpC-an1_8zj2jHojmiC9746ZogNkc2J4qTEmRwg==
AdDisplayTrackerServlet
pr.ybp.yahoo.com/ab/secure/true/imp/35TgWuCNilldQUbS77G8O6Od45vnhR93uTAEaNsU0IiiaxZB6268tSH-fNXhBIF8E-JyzdQaNuDcU5b9eUcpP6MYUELCqZTsWL5xNw0TlMAF3zkJ0EMnpjCZLb6f0qhuQPffTGd_mDwCSiKRCLd6DBum5lI_l7NvL... Frame 1099 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pr.ybp.yahoo.com/ab/secure/true/imp/35TgWuCNilldQUbS77G8O6Od45vnhR93uTAEaNsU0IiiaxZB6268tSH-fNXhBIF8E-JyzdQaNuDcU5b9eUcpP6MYUELCqZTsWL5xNw0TlMAF3zkJ0EMnpjCZLb6f0qhuQPffTGd_mDwCSiKRCLd6DBum5lI_l7NvLwsKFxzzIJ9N3i6vqh5Lw7UyfjGtj0RnkwxOA0IRkIGWWtjdL4dV8pqR1dpgITG1T5FgqIsrhdRHH4BGJdsHPa7SChETy0zvdMGRVnFvje4-Ar-xyYFy_Pru_Y5F4kgQstl8oURfRvIJZwsNVqfojYVYtLVJOvUNaG_NDSYC7ia3xXSze4wG39ZA0jNPWCh49GiyuYLLOB5VdN_jbp1Rai3J0E812shi7p_rn5VEFZfznaYYe8TGXXe8h-WIYvscRDwsEuqMghVBuXp8jRRKvHauU8gM6sSVw0Gon_e9qTzJDxQJl7IYtAlZpKib2pgmRJT8KHIwDdOChBjHeJZ_8MwvB4PibI33y69yZF93OWfW32-4UbO11EDVvztXLHH9r4A5gljHfdAUvzQR7akteOorComaeESQ_8zKNCcFqQcVnGh8HXlpAhhjlmvDlvgf8mCZLm_pf4QoIjhE8ZGQgMeNz8NWwEp1O52CZ9FToMw-IxhrEOs5POAfJX8hz4l1BLf1x0w_rTpack3IgQo8jR3fumKJ_zR3rGHIC5cB4DxQ4bUOCd2oVzNE4p7BmXwyhmcvr5vCtlAn676zTOqwQMA7dhEJM2JAac57C7AJ6-0PbDrYOS58YEV31_QpnvUREIMkgWpaNW42iP2MO9oZQjtq1K08ylcbnQgNel1pm7yE-upbREaPtLUvDzXuLksKaAOO9p4Mnj8TzRXztEsqgAM1uLcvuvopq9j9q81V9OuNtyGcdjK2u6YVFQ34LAf0HQTElj9zg5tV-8VcO99-AJcp4QAIAE-t1QPul4VLejyFQto-qCJJrtSOCRzuwTjEpple4N7DT1keBjtRQbE6n-bINm8K3z-4SvcEpFI16ssgoNvXBdVunhDnMRyD3yYRHx1BEQZcYJbztsNweLc7ytCmu16cnLte5VzuFCIynjJJqiegB8kzXwHIqM7OeahxjFVxxMYtnrU-X9Yk0de_Jikhoxw6Lmh8OT2B04jpBgud_lp_zTkHLeLxI0sWnthqDMNzbvnMVWGqHUR2yUdEayc5wi6e7UJ1Cg9EdDK2VBZHJroiFhlHlUAF6pLuxzJ5JYU8vZdnZWAnelRrFlAoJs8ZMqBKnVAzUqVhGDaAxuUecT8BGlFzCIfoLKzMTya1O3_D4LVMfHdLJpIcgZIdF2s3LTBHixNJd60mokJY4bQydOeh1ifnMu9vDfOCCRjhw8PC2BOAisRpEfTv-vLlvCC-4DFaFVjd/wp/0.023637/pclick/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NyZrYWRzaXplaWQ9OSZ0bGRJZD00MjI5NTc1NCZjYW1wYWlnbklkPTIzMDI2JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xMjk0NTQ5ODE0OTUyMDIxODQ3JmFkU2VydmVySWQ9MjQzJmltcGlkPTlDQjI0RUFDLTlCMkEtNDkxRi04MUI0LTMxNEFBODMzNUQzMyZwYXNzYmFjaz0w_url=
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
610defd9499aceaa18d70483d9a22242df0cfa4c7cbcceda9a652e3dfef84285
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:12 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
text/javascript
x-xss-protection
1; mode=block
expiry
Thu, 01 Jan 1970 00:00:00 GMT
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
content-length
2856
x-content-type-options
nosniff
blacklist_script.js
tagan.adlightning.com/freestar/ Frame 258B 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/blacklist_script.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-24.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
812120e5ae14c01f8e582a6f65d8edd5be512183469167e1b4aa44babf4f16fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
iLtm3WArn1UQA7hZE5TQ9ishanoupQoT
content-encoding
gzip
etag
"5eb30c80051cf1068fd5977c36ebf0e1"
age
3357
x-cache
Hit from cloudfront
content-length
20181
x-amz-meta-git_commit
e1f86f1
last-modified
Tue, 12 Oct 2021 13:45:58 GMT
server
AmazonS3
date
Wed, 13 Oct 2021 18:10:16 GMT
content-type
application/javascript
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
gJa7Q1N7fdOaQXCmZu7BLPdcYAqGEj8C3ALRKefBDjsjh4NCn3WeZA==
blocking_script.js
tagan.adlightning.com/freestar/ Frame 258B 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/blocking_script.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-24.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
922851ab1a5fce51fbdb9306f1329bf8e80919b6c443b38792b183da23d15314

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
R.x5oR3GjWAbHx1STHS0QVxqj_adXYaJ
content-encoding
gzip
etag
"740bb6532e59e4676cc74228cc09fc36"
age
86054
x-cache
Hit from cloudfront
content-length
28519
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 16:44:53 GMT
server
AmazonS3
date
Tue, 12 Oct 2021 19:12:11 GMT
content-type
application/javascript
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
T5dHaV0G8qcixHkhAOXY5oZX1jCQqCxQmKzEDqa0PDRAdnNJPqfBAQ==
AdDisplayTrackerServlet
pr.ybp.yahoo.com/ab/secure/true/imp/SP1xRqgeo_6lWnsuOtyeG9NVbk4V80qoI0lCmtDrMy9KjaPdPVaXJzklbGazfd3JbbH1v-3U_JljyNndXvRKmVOmiKBZPyjZhQ6f2fBf7q8m2n_EHfQa1KxsVTlR9owgTpiiKJ7D0X09Tr0m1-V5_W9vY7Z--dC-e... Frame 258B 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pr.ybp.yahoo.com/ab/secure/true/imp/SP1xRqgeo_6lWnsuOtyeG9NVbk4V80qoI0lCmtDrMy9KjaPdPVaXJzklbGazfd3JbbH1v-3U_JljyNndXvRKmVOmiKBZPyjZhQ6f2fBf7q8m2n_EHfQa1KxsVTlR9owgTpiiKJ7D0X09Tr0m1-V5_W9vY7Z--dC-enNiLe4eSXkFCiC9LVnCdj1JhElw6Hw6B-lBOwjSXfogwn0ogg4mj_WZA3kahM0ydQgZXc5OwTke00su-B_haX3IVIX7R3nGeTbbrEFXJ_xFbn4Y5F0FTp5sD-7FHSab00ozimoyWC5wBVKDCvcPAvap3BtbFOYTaZ4focSKpkY4OJDo3okN2Nf6tep-yGqgnnASvWQV6rpaEInUKdLHakW7-XzCK5qft4BE-3mhq7Ye-P_PJYfydT55W6eTzQkm65tL-y6HWU6Z42aWboOmaxhkIjcR-ITpJHD-cUDJkpigmzZCj8AnUE-E-DUw9H8HNj4HBRbYmuetwA8JROGhFlnPtzgJtQWIkMt1N_ySnAIx-IScxXAP6-dcit0CcP7D__Jg0xqWazT2LA7tw9e-nYQLkeYd273XT6IRS1y6G20DANqho5ym0BvflJ87R9OEDNRaeiQ6a5JkCoIcQlTYGs-yOtYsCkS9jFu_44r9DGj8wesg4zVRraCS8yQ2t9jCQa-UR2bdFI5JpO9yHN1ClN4-PScrpE4jgCgqZ0VjXFa1nrq0aYhC-dk2U7Rpx_2iYy5lv4X6YJbZXxrwKLgUmXrtAYewAvqRIBC8cM5OPmnotNYeAWVpZM8ij_8JbWWELT841APWXOx65fl3q6gUfLE9F29jpUcVqP63Xe6JfmHiSS2mIPFToaJX4gQ-5hRP1AR_EDlPMjPFjkZD4s9UvO3IwylfERk8NXwdM2hLdo9lVY9e7fem4EIGN_aVcbdQBrzSiFWtCG3x7InrvLuuBcpoD1GEbAU3a_mJ8_8QjCykVYWGNjS61Sxf4wzxIbyAC4UMff_9Zft8pxdNDXH-YM9H9VrOPW4jFRefkAn3ab2VWuymVfwhOR-BJhFJI6tf-i1sbB9bW0Ju7PpwUKZx2WON8f1W_Ea-Jf-ZsCabyPuGwSHnMu18zU2OV4CwY68M6lOc86IXupJZY6FMQP4IMLpxrcAWoVSSaxPMjsD9yYeAx78CZvwsk6lnL9IzpPV1X1F3RlPjTvXNzlaP71PwGfNtcCT54Rl41alDxpDYBIAnBtU2wu2fQxMEiLbUUx0I7-UUD-_scv3fzkdWmH7eeJZcFkNVrMK0nexr52k2NPgnM8PjJjXjWctd2_LX4TRb80A5ccSCxlKPyIIO_4mzZ4vQ8i3p8VIyx9G93ICQpw_KD5fxDE3K9pQs2fqtlR2gZvS0goVDEIckk_uc5VxX4uMy3JKfuapo1g3zFYT4jD8SnTadfPsoVA/wp/0.024669/pclick/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NSZrYWRzaXplaWQ9OSZ0bGRJZD00MjI5NTc1NCZjYW1wYWlnbklkPTIzMDI2JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNzAwNzUwODcwMTY4NjExMDE4MyZhZFNlcnZlcklkPTI0MyZpbXBpZD03MEY4QkMwNi02RDI5LTQ1MTgtOEU1Mi0zQTA2NkVDNDk0RTkmcGFzc2JhY2s9MA==_url=
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
f4b12f61ea94f67e2cc131eb12848f620dfadcdc1dbedc69dfee55b71af252f3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:12 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
text/javascript
x-xss-protection
1; mode=block
expiry
Thu, 01 Jan 1970 00:00:00 GMT
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
content-length
2844
x-content-type-options
nosniff
blacklist_script.js
tagan.adlightning.com/freestar/ Frame 71BB 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/blacklist_script.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-24.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
812120e5ae14c01f8e582a6f65d8edd5be512183469167e1b4aa44babf4f16fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
iLtm3WArn1UQA7hZE5TQ9ishanoupQoT
content-encoding
gzip
etag
"5eb30c80051cf1068fd5977c36ebf0e1"
age
3357
x-cache
Hit from cloudfront
content-length
20181
x-amz-meta-git_commit
e1f86f1
last-modified
Tue, 12 Oct 2021 13:45:58 GMT
server
AmazonS3
date
Wed, 13 Oct 2021 18:10:16 GMT
content-type
application/javascript
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
UlUtVgXgyUlkf9dyGEEo0tAVzPCx6zWCiVK3ClePmWyIcNEUkORgQg==
blocking_script.js
tagan.adlightning.com/freestar/ Frame 71BB 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/blocking_script.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.1.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-24.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
922851ab1a5fce51fbdb9306f1329bf8e80919b6c443b38792b183da23d15314

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
R.x5oR3GjWAbHx1STHS0QVxqj_adXYaJ
content-encoding
gzip
etag
"740bb6532e59e4676cc74228cc09fc36"
age
86054
x-cache
Hit from cloudfront
content-length
28519
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 16:44:53 GMT
server
AmazonS3
date
Tue, 12 Oct 2021 19:12:11 GMT
content-type
application/javascript
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
dAX7uCdGBTuiq7gbyZ_MMNdZOuue5R7sKxQnc0RhopkzTgLFSoGHuQ==
AdDisplayTrackerServlet
pr.ybp.yahoo.com/ab/secure/true/imp/uKWxeKFBgDFNgZkEuD4kf_9MqsfhqKlvSv2AKLsGIPSinkIhDJEMXc7GU0xPpK52L-SSXAn_12cemL15T_jtAEqjmJYQFjK6QrxO7lJqJhVc7TBFQbYpqItUVLmcI4LcRLlj_YZv_0G0CVYtnhmhKmeCXmwxFlF_Y... Frame 71BB 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pr.ybp.yahoo.com/ab/secure/true/imp/uKWxeKFBgDFNgZkEuD4kf_9MqsfhqKlvSv2AKLsGIPSinkIhDJEMXc7GU0xPpK52L-SSXAn_12cemL15T_jtAEqjmJYQFjK6QrxO7lJqJhVc7TBFQbYpqItUVLmcI4LcRLlj_YZv_0G0CVYtnhmhKmeCXmwxFlF_Yw3nVcsZA7yfNhDmkU8fyhOEZ-sFKeV-VKH08-4G9dAp6sS3C9zy9oJM5tyKSE0veS-k0oQP3Pu8dJrU8fM8GDIUheqBiyxSNo4LxJY0-8mVKCMbGVlK4-Oo-0WThhTzl0s1KCJd-qejop0WKKMbYE1RwZStMfUH_lyssmg2zO5Q2jG1LFq_vaS8CVNexwOn7rVMxg9mvtRiVaJRy2wSchix8S--8ylDXs4tJUGwkkcDtgDKoDT9BdpLHorOhessNy4SnXYo6nerBUJ2pbCl5wCtWoLye5Awp4_ez5yg0ih0OBuzkch_bXnWJSWeu-QGPRTN3narCDwOAl7csJStJAdsG-WEdY84EiXdTo38-nmqS_xHnNARCAVOM3E43BG37QMin9r5poVPLAhg5KDPDeKYZzAxjXa8c-xkxbRHsnRbPrYyHNVB8SmzP87AO_eHpKRf5juC_MlcHZbgOGxiM0dY5Jq5STsgqmojegMMZ7VAvWf4QaJIwOocz_69TKYAHTkzZIW2brIAeS6TdJV2Le_4RsXShJ7xt71ruuzXJTL_16t1uXR0EobAO2KWoQUSNKCxf9iHLTv4X0BjIsBre7OoYPAARqCelqyIVW5vurzJO-V5vnBow6aXk7XoIHkZkoGsTZXP9hJ7M3QDIas3MLR1BwQDt4iGktPQAx3V08j52huLa4dwqHWRvbEzogM7KsJYJRG70OOG_1Opadmz3PGfyZhmRLxt3y8mfsd84mmlan2YuegbHkLp-nNXZlkxRYRRCM9ZqnDMnScLCF9mTca0udXi7MSMJX6SncG-HVI-mqBVod9AH3D-3sPwp0_B1hd2LBCeEPA3doA9dqCt9zgWpxeIGPPNR2YJ2GUI44dtFChJqPuuLos-zuw_wYpzSeW0MmpOPn-z-ZrEmZO5Xm5M60cfgz-6z-rBCDytl-KSdT3I20N6_ntskjld5K2Yg9eqwrXwmYRhbjswc9bhWbgmRgr6rjuDDbu4dQ2xcxIgtDpXo6VRfzeV37ngNTyNzxe7SD4-rD0nmw8FyqID1OkchP1uS0-3HoPCkz_o5FXGOamcwbCepHd_MYVCqK65XlLO2nChM0SoIuxoer0iGNGNSFKZhKxSZvH7n7npD-AaIx2ukgpFaF0m0rXMpYpOClUCG6nyDFaAFmuePV1P_Jr7zL8sYc9QVC9Ib80n8wzR3csY64sq5Dh67IkzJ3ipu9xhEJLf-1BHgyTzczgrpX7YIIlfQ7ZSNnaSQLUo6S8/wp/0.024404/pclick/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NyZrYWRzaXplaWQ9OSZ0bGRJZD00MjI5NTc1NCZjYW1wYWlnbklkPTIzMDI2JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xODA3NjI0MTk5Njc5NzEyODMyOCZhZFNlcnZlcklkPTI0MyZpbXBpZD0yNkEzQjc2NC0wNkM2LTRENEEtQUE3MS0wQTNFRUE2RkRBODYmcGFzc2JhY2s9MA==_url=
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
883d9e62a7a890a77f352d4d1fefb469880a05b586b6efd5597149076c7758a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:12 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
text/javascript
x-xss-protection
1; mode=block
expiry
Thu, 01 Jan 1970 00:00:00 GMT
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
content-length
2847
x-content-type-options
nosniff
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.4.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
f6ceb8dacf80b688eac4bab642129b08e42f2a06868a5e245032a37fa19993e1

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 13 Oct 2021 19:06:12 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
inside.js
cdn.js7k.com/rq/iv/ Frame E244 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/blocking_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:37:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8922
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
14353
x-amz-id-2
AM8Hkob17YcY/BELs2Ps23H8iQPSaOsiUpYRIxYT9k+EM+AC/fDMtdqNWreIviv6o3JEtlDvMmg=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
EJ4R4MXNT8E2ZBPK
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
fa2d478e-1523-41a2-bb4f-d5fc065ee64f.jpeg
s.yimg.com/ch/ Frame E244 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/fa2d478e-1523-41a2-bb4f-d5fc065ee64f.jpeg
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
ac4143ef552c921548a5c4f532cca79fb4199e70297799e5479c4608ac04d500
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 22:04:46 GMT
x-content-type-options
nosniff
age
248488
x-amz-server-side-encryption
AES256
vary
Origin
content-length
73941
x-amz-id-2
DSl8Fm/J4uH/Eb3UDP6zHIFZ5qaBENQjsBmmj1fUAsemrULRihq3k+tYbmD/ZUeo/OdK8vurASo=
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 26 Jul 2021 14:59:45 GMT
server
ATS
etag
"84c38ae63cb97a42243c869404ab0548"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
ZW9JGC2R0N831RY7
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/jpeg
adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame E244 		565 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 06 Oct 2021 11:46:59 GMT
x-content-type-options
nosniff
age
631155
x-amz-server-side-encryption
AES256
vary
Origin
content-length
565
x-amz-id-2
bHe94p5pIiGw59rcAvsONHmP0qYixvuQYIAtpZq7VPYbPcR59/iNHS40IW4zmSeUB/bctUKHBAg=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Jul 2020 18:15:42 GMT
server
ATS
etag
"349bad1100a940608cb9109eb2b166a2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
PTX6DA3TJYG3YBP0
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/png
inside-20.js
cdn.js7k.com/rq/iv/ Frame 71BB 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside-20.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/blocking_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
b881933fe54cb1f5fff57af861b24625152804dc14462501e7f1fde3b11fe4a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 17:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4463
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
14351
x-amz-id-2
j+YZBVUbzlIYbKuAK0aKXofd9U/3xm3YgL/b7ZXP5WUKH+GBKOgJx2N+fNZIxCKz3EyipLAmhrE=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"f881746c8b26f5492cfb9be16c44dbcc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
4PXJSJGF0A0S6CSZ
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
e41e6d53-70f2-4449-bb44-45ca452937f2.jpeg
s.yimg.com/ch/ Frame 71BB 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/e41e6d53-70f2-4449-bb44-45ca452937f2.jpeg
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
a9d7f40c5bb6d9c8149a3bf36170b958bbf2ba6056ba0bfe691cdba62de6cbc6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 06:37:43 GMT
x-content-type-options
nosniff
age
131311
x-amz-server-side-encryption
AES256
vary
Origin
content-length
81542
x-amz-id-2
HoL+U8BWvwrubDrNFRZYZt9aYgl+FLo81vTZL/IHAEo4BEtKCg3jv4a5OxlVU4bm0p57qZ04FL8=
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 26 Jul 2021 14:59:45 GMT
server
ATS
etag
"87339d618789604b252b3d31a264e27b"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
NHK3VY69VVS2M41S
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/jpeg
adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 71BB 		565 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 06 Oct 2021 11:46:59 GMT
x-content-type-options
nosniff
age
631155
x-amz-server-side-encryption
AES256
vary
Origin
content-length
565
x-amz-id-2
bHe94p5pIiGw59rcAvsONHmP0qYixvuQYIAtpZq7VPYbPcR59/iNHS40IW4zmSeUB/bctUKHBAg=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Jul 2020 18:15:42 GMT
server
ATS
etag
"349bad1100a940608cb9109eb2b166a2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
PTX6DA3TJYG3YBP0
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/png
inside.js
cdn.js7k.com/rq/iv/ Frame 258B 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/blocking_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:37:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8923
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
14353
x-amz-id-2
AM8Hkob17YcY/BELs2Ps23H8iQPSaOsiUpYRIxYT9k+EM+AC/fDMtdqNWreIviv6o3JEtlDvMmg=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
EJ4R4MXNT8E2ZBPK
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
309fd607-d517-4c17-8561-89959a2a878b.jpeg
s.yimg.com/ch/ Frame 258B 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/309fd607-d517-4c17-8561-89959a2a878b.jpeg
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
47617c6d8393ab518f5158efd1e5316623d9fcb06036d5c15e3f4fdb57fde883
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:42:44 GMT
x-content-type-options
nosniff
age
1920211
x-amz-server-side-encryption
AES256
vary
Origin
content-length
70095
x-amz-id-2
scu9qyUoH6JKGc38hbmfi2407+iZrY/14kO0xceEyjAfZkPXASnK1d6d7s4d0yEA4FZpq8DSvz8=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Aug 2021 13:30:38 GMT
server
ATS
etag
"8b0c39264f128dbd82f95cdd0add61a4"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
4K2FP077280NH2RH
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/jpeg
adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 258B 		565 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 06 Oct 2021 11:46:59 GMT
x-content-type-options
nosniff
age
631156
x-amz-server-side-encryption
AES256
vary
Origin
content-length
565
x-amz-id-2
bHe94p5pIiGw59rcAvsONHmP0qYixvuQYIAtpZq7VPYbPcR59/iNHS40IW4zmSeUB/bctUKHBAg=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Jul 2020 18:15:42 GMT
server
ATS
etag
"349bad1100a940608cb9109eb2b166a2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
PTX6DA3TJYG3YBP0
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/png
inside-5.js
cdn.js7k.com/rq/iv/ Frame 1099 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside-5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/blocking_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
94dbc2b8c346e21c33acc3282ad347f68547a5c36db412853677a264389e63e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:37:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8913
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
14351
x-amz-id-2
LB7k7AV4cAS91n/+e2B4jdvMcWyizZ4lzs0vvrao0pppsEml/tx4Q379aTDgCFxmy0k84qQoIa4=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"ebd5ce30dface9cc8115a8aae27d3a5b-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
RF2K74K81TGGTYFN
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
89222453-8192-4406-99e4-0c5824b95c09.jpeg
s.yimg.com/ch/ Frame 1099 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/89222453-8192-4406-99e4-0c5824b95c09.jpeg
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
9bbaa256848e7a1e705b8daaa9f6804156473b2a61dda9d3cecc99d8a7518952
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Sat, 04 Sep 2021 13:41:40 GMT
x-content-type-options
nosniff
age
3389075
x-amz-server-side-encryption
AES256
vary
Origin
content-length
69871
x-amz-id-2
P6Q6vFmPZx0xXGpVCP/pupAAjj+N0lqK2pZUIvk53dMKuWu0PtnmTeMMod6fQYL8PnCwNpFHPHs=
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 26 Jul 2021 14:59:45 GMT
server
ATS
etag
"e0e1aa0b1438aba8ca92c2eded91624a"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
P0YH0ZTYPBCD7JDG
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/jpeg
adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 1099 		565 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 06 Oct 2021 11:46:59 GMT
x-content-type-options
nosniff
age
631156
x-amz-server-side-encryption
AES256
vary
Origin
content-length
565
x-amz-id-2
bHe94p5pIiGw59rcAvsONHmP0qYixvuQYIAtpZq7VPYbPcR59/iNHS40IW4zmSeUB/bctUKHBAg=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Jul 2020 18:15:42 GMT
server
ATS
etag
"349bad1100a940608cb9109eb2b166a2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
PTX6DA3TJYG3YBP0
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 06E0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9sUTlotMmi5XeumCTUHYKYddk0bb_PRNa-5a7FaZoFWSg1D-O9mes6SBcbh8ZQ5Hhmd5xN9algsmXqchfoxy_UNsuoIKQj79-jLaIgt7CPhzIeX8&sai=AMfl-YS6JdOg5a-prZfx-X7q9dTLhNSlgo-fS36t_XfktHL3vyHcdjmz-Ombu7rWs4llut9P1ITai-aXoUJL8EsUZHKGVetWH2vfASyc_MadnyR6f1q9VzlUFOY9kx3jeUg&sig=Cg0ArKJSzF8jK33tRNvVEAE&id=lidar2&mcvt=2500&p=0,0,90,728&asp=1110,436,1200,1164&mtos=2500,2500,2500,2500,2500&tos=2500,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1723632371&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634151971686&rpt=161&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.4.535fe0f4586de520edb0ca93a1249020044721f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
f6ceb8dacf80b688eac4bab642129b08e42f2a06868a5e245032a37fa19993e1

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 13 Oct 2021 19:06:14 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://anotepad.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
json
gum.criteo.com/sid/ Frame AE18 		435 B
529 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=anotepad.com&sn=ChromeSyncframe&so=0&topUrl=anotepad.com&cw=1&lsw=1
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=anotepad.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d4c11ce581a9aaa7c2cf021e68b2bff0dd1d3ad74e65dc8c308f96ce1fadd2c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=anotepad.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 13 Oct 2021 19:06:13 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2485
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 46E3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuS5EdaLZR34UQH-HCMWUOaOicLCyyEISswa7yXZaatk7sxdbvLz-SdfNPjctt4qdKSimvYTgSNCcrrxspr8B6nNvy8nw-DYOsKoK2xyorJkJQ0bxm62lvjUpgBFLbs7_5XegpPUHr84GfcCalSXtC4SFzNksU0dS8k10VNMgD75waWCAymynUvcw-_Tt-I3vBo1g&sai=AMfl-YTmXWEht2vyf34KTriwxJNISGuKx-JSkoyat7rQHe4ZtNAYShmzovJZjLYNakoww6vKvfPt9swubqZyx5IpNmAlh9KWX9R95Ke63PF4sVhVZJpKqzVlCpgAfYHFEj25&sig=Cg0ArKJSzDfydRuPk5DEEAE&id=lidar2&mcvt=2054&p=0,0,250,300&asp=220,650,470,950&mtos=2054,2054,2054,2054,2054&tos=2054,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=610960399&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634151972053&rpt=261&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3140 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=76904
expires
Thu, 14 Oct 2021 16:27:58 GMT
date
Wed, 13 Oct 2021 19:06:14 GMT
vary
Accept-Encoding
AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame 2897 		0
61 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325175&adType=10&adServerId=243&kefact=0.023436&kaxefact=0.023436&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1634151971&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.024669&dcId=3&tldId=42295754&passback=0&svr=BID22530U&adsver=_1972006031&adsabzcid=0&cls=BID&ekefact=Iy5nYRaEBAAFBWnTXqJdwE-uqu0uqjTupzl-qTGsd0aHqUsY&ekaxefact=Iy5nYSCEBADuOJWp9UnanKynze3OqOSr_H4E1g7g_dkDgYOG&ekpbmtpfact=Iy5nYSmEBADaFCVkUgw6GnHEYfXrRIYgWRc4_CIk7YfYkPOZ&enpp=Iy5nYTKEBACJi9uDG9vSY0tbyJN0zXe2sMcoJ4UEuviPMSGP&pfi=1&domId=14458936769757509276&dc=AMS&pubBuyId=32802&crID=3565346&lpu=pramac.com&ucrid=3274319656763099746&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH102139000&wDspId=452&wbId=2&wrId=0&wAdvID=969113&wDspCampId=1657127&isRTB=1&rtbId=2FDC6CAB-7618-4CB9-A72F-C362ED16F14F&imprId=5231F024-CB08-4799-AB53-82CF81DD63C7&oid=5231F024-CB08-4799-AB53-82CF81DD63C7&cntryId=232&domain=anotepad.com&pageURL=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&sec=1&pAuSt=3
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
aktrack.pubmatic.com
:scheme
https
:path
/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325175&adType=10&adServerId=243&kefact=0.023436&kaxefact=0.023436&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1634151971&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.024669&dcId=3&tldId=42295754&passback=0&svr=BID22530U&adsver=_1972006031&adsabzcid=0&cls=BID&ekefact=Iy5nYRaEBAAFBWnTXqJdwE-uqu0uqjTupzl-qTGsd0aHqUsY&ekaxefact=Iy5nYSCEBADuOJWp9UnanKynze3OqOSr_H4E1g7g_dkDgYOG&ekpbmtpfact=Iy5nYSmEBADaFCVkUgw6GnHEYfXrRIYgWRc4_CIk7YfYkPOZ&enpp=Iy5nYTKEBACJi9uDG9vSY0tbyJN0zXe2sMcoJ4UEuviPMSGP&pfi=1&domId=14458936769757509276&dc=AMS&pubBuyId=32802&crID=3565346&lpu=pramac.com&ucrid=3274319656763099746&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH102139000&wDspId=452&wbId=2&wrId=0&wAdvID=969113&wDspCampId=1657127&isRTB=1&rtbId=2FDC6CAB-7618-4CB9-A72F-C362ED16F14F&imprId=5231F024-CB08-4799-AB53-82CF81DD63C7&oid=5231F024-CB08-4799-AB53-82CF81DD63C7&cntryId=232&domain=anotepad.com&pageURL=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&sec=1&pAuSt=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

content-type
text/html
content-length
0
date
Wed, 13 Oct 2021 19:06:14 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5198 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=76904
expires
Thu, 14 Oct 2021 16:27:58 GMT
date
Wed, 13 Oct 2021 19:06:14 GMT
vary
Accept-Encoding
AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame 5F8F 		0
61 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325177&adType=10&adServerId=243&kefact=0.023184&kaxefact=0.023184&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1634151971&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.024404&dcId=3&tldId=42295754&passback=0&svr=BID22481U&adsver=_1972006031&adsabzcid=0&cls=BID&ekefact=Iy5nYbyfAgDNXWU5hOzy5OJgFLi2bQlx3WjjU0NUSN8MXvAV&ekaxefact=Iy5nYcyfAgCEPTOOQ8JcU2ch7pput4rJZVvKRT1uKKjHTdTs&ekpbmtpfact=Iy5nYdqfAgBR9iNXzAKKKZ1Y35xxkHMB68gFea2RnrxgOr3R&enpp=Iy5nYeefAgBM3jr38BMJYV8TZTqxc2sMo46MW4h7dj8F0B8t&pfi=1&domId=14458936769757509276&dc=AMS&pubBuyId=32802&crID=3565397&lpu=pramac.com&ucrid=18076241996797128328&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH102139000&wDspId=452&wbId=3&wrId=0&wAdvID=969113&wDspCampId=1657127&isRTB=1&rtbId=7EA8FC61-4FB3-4B7B-8FF5-7D49B3A839F2&imprId=26A3B764-06C6-4D4A-AA71-0A3EEA6FDA86&oid=26A3B764-06C6-4D4A-AA71-0A3EEA6FDA86&cntryId=232&domain=anotepad.com&pageURL=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&sec=1&pAuSt=3
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
aktrack.pubmatic.com
:scheme
https
:path
/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325177&adType=10&adServerId=243&kefact=0.023184&kaxefact=0.023184&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1634151971&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.024404&dcId=3&tldId=42295754&passback=0&svr=BID22481U&adsver=_1972006031&adsabzcid=0&cls=BID&ekefact=Iy5nYbyfAgDNXWU5hOzy5OJgFLi2bQlx3WjjU0NUSN8MXvAV&ekaxefact=Iy5nYcyfAgCEPTOOQ8JcU2ch7pput4rJZVvKRT1uKKjHTdTs&ekpbmtpfact=Iy5nYdqfAgBR9iNXzAKKKZ1Y35xxkHMB68gFea2RnrxgOr3R&enpp=Iy5nYeefAgBM3jr38BMJYV8TZTqxc2sMo46MW4h7dj8F0B8t&pfi=1&domId=14458936769757509276&dc=AMS&pubBuyId=32802&crID=3565397&lpu=pramac.com&ucrid=18076241996797128328&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH102139000&wDspId=452&wbId=3&wrId=0&wAdvID=969113&wDspCampId=1657127&isRTB=1&rtbId=7EA8FC61-4FB3-4B7B-8FF5-7D49B3A839F2&imprId=26A3B764-06C6-4D4A-AA71-0A3EEA6FDA86&oid=26A3B764-06C6-4D4A-AA71-0A3EEA6FDA86&cntryId=232&domain=anotepad.com&pageURL=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&sec=1&pAuSt=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

content-type
text/html
content-length
0
date
Wed, 13 Oct 2021 19:06:14 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame CF38 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=76904
expires
Thu, 14 Oct 2021 16:27:58 GMT
date
Wed, 13 Oct 2021 19:06:14 GMT
vary
Accept-Encoding
AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame 83B2 		0
61 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325175&adType=10&adServerId=243&kefact=0.023436&kaxefact=0.023436&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1634151971&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.024669&dcId=3&tldId=42295754&passback=0&svr=BID22535U&adsver=_1972006031&adsabzcid=0&cls=BID&ekefact=Iy5nYWORAgCgtTX4aDAJlwywFlzlPXzPNyYGFmLJNXG-_kMD&ekaxefact=Iy5nYYGRAgBJBXZdYsx14r2sspZ7STc-bEUOa9t9nFuFinDY&ekpbmtpfact=Iy5nYZuRAgByyXcI_eshNtjAGyJOCILf9y8e8FUcoARKTeaK&enpp=Iy5nYbWRAgBaP1OD2bgfBthp9p7-gN1RzbjtA2oFrtnbS-KV&pfi=1&domId=14458936769757509276&dc=AMS&pubBuyId=32802&crID=3565477&lpu=pramac.com&ucrid=17007508701686110183&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH102139000&wDspId=452&wbId=2&wrId=0&wAdvID=969113&wDspCampId=1657127&isRTB=1&rtbId=83D17088-EB4B-487D-B31F-C4B38678C072&imprId=70F8BC06-6D29-4518-8E52-3A066EC494E9&oid=70F8BC06-6D29-4518-8E52-3A066EC494E9&cntryId=232&domain=anotepad.com&pageURL=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&sec=1&pAuSt=3
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
aktrack.pubmatic.com
:scheme
https
:path
/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325175&adType=10&adServerId=243&kefact=0.023436&kaxefact=0.023436&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1634151971&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.024669&dcId=3&tldId=42295754&passback=0&svr=BID22535U&adsver=_1972006031&adsabzcid=0&cls=BID&ekefact=Iy5nYWORAgCgtTX4aDAJlwywFlzlPXzPNyYGFmLJNXG-_kMD&ekaxefact=Iy5nYYGRAgBJBXZdYsx14r2sspZ7STc-bEUOa9t9nFuFinDY&ekpbmtpfact=Iy5nYZuRAgByyXcI_eshNtjAGyJOCILf9y8e8FUcoARKTeaK&enpp=Iy5nYbWRAgBaP1OD2bgfBthp9p7-gN1RzbjtA2oFrtnbS-KV&pfi=1&domId=14458936769757509276&dc=AMS&pubBuyId=32802&crID=3565477&lpu=pramac.com&ucrid=17007508701686110183&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH102139000&wDspId=452&wbId=2&wrId=0&wAdvID=969113&wDspCampId=1657127&isRTB=1&rtbId=83D17088-EB4B-487D-B31F-C4B38678C072&imprId=70F8BC06-6D29-4518-8E52-3A066EC494E9&oid=70F8BC06-6D29-4518-8E52-3A066EC494E9&cntryId=232&domain=anotepad.com&pageURL=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&sec=1&pAuSt=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

content-type
text/html
content-length
0
date
Wed, 13 Oct 2021 19:06:14 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8992 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=76904
expires
Thu, 14 Oct 2021 16:27:58 GMT
date
Wed, 13 Oct 2021 19:06:14 GMT
vary
Accept-Encoding
AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame F1EA 		0
61 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325177&adType=10&adServerId=243&kefact=0.022455&kaxefact=0.022455&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1634151971&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.023637&dcId=3&tldId=42295754&passback=0&svr=BID22432U&adsver=_1972006031&adsabzcid=0&cls=BID&ekefact=Iy5nYRK-AgBtaFeGCQKjjM1JYsZ1o9bn3mjeTJktJBp1_Pk6&ekaxefact=Iy5nYTG-AgBZ-HEaMy7aLIWuRf7KJ-JQcyz2-aJ3Zn7jUX_J&ekpbmtpfact=Iy5nYUu-AgDbn9ri8QWsgT7L0oLtSiYcfLkNEGMBNKQJD6Xn&enpp=Iy5nYWW-AgDSLpDL9TRfnaUhMHcZQNLNTR4AZcoVkDaKecA2&pfi=1&domId=14458936769757509276&dc=AMS&pubBuyId=32802&crID=3565303&lpu=pramac.com&ucrid=1294549814952021847&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH102139000&wDspId=452&wbId=3&wrId=0&wAdvID=969113&wDspCampId=1657127&isRTB=1&rtbId=42205F63-DB57-414D-A2F2-7E9C0ACC492D&imprId=9CB24EAC-9B2A-491F-81B4-314AA8335D33&oid=9CB24EAC-9B2A-491F-81B4-314AA8335D33&cntryId=232&domain=anotepad.com&pageURL=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&sec=1&pAuSt=3
Requested by
Host: anotepad.com
URL: https://anotepad.com/notes/8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
aktrack.pubmatic.com
:scheme
https
:path
/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325177&adType=10&adServerId=243&kefact=0.022455&kaxefact=0.022455&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1634151971&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.023637&dcId=3&tldId=42295754&passback=0&svr=BID22432U&adsver=_1972006031&adsabzcid=0&cls=BID&ekefact=Iy5nYRK-AgBtaFeGCQKjjM1JYsZ1o9bn3mjeTJktJBp1_Pk6&ekaxefact=Iy5nYTG-AgBZ-HEaMy7aLIWuRf7KJ-JQcyz2-aJ3Zn7jUX_J&ekpbmtpfact=Iy5nYUu-AgDbn9ri8QWsgT7L0oLtSiYcfLkNEGMBNKQJD6Xn&enpp=Iy5nYWW-AgDSLpDL9TRfnaUhMHcZQNLNTR4AZcoVkDaKecA2&pfi=1&domId=14458936769757509276&dc=AMS&pubBuyId=32802&crID=3565303&lpu=pramac.com&ucrid=1294549814952021847&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH102139000&wDspId=452&wbId=3&wrId=0&wAdvID=969113&wDspCampId=1657127&isRTB=1&rtbId=42205F63-DB57-414D-A2F2-7E9C0ACC492D&imprId=9CB24EAC-9B2A-491F-81B4-314AA8335D33&oid=9CB24EAC-9B2A-491F-81B4-314AA8335D33&cntryId=232&domain=anotepad.com&pageURL=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4&sec=1&pAuSt=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

content-type
text/html
content-length
0
date
Wed, 13 Oct 2021 19:06:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0434 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUCvqIy5nYYKZJozc7gO_zKzQDgAAAAA4AeAEAg&bg=!SkmlSQ3NAAbGFvHlxhY7ACkAdvg8Wqvjs8ozFL19V7xW_A2h4-pwu9QKgIh8eYl0MZPohMUYYPKAKgIAAAegUgAAAAtoAQeZAtXpXp9nBTIUiUI4_yaKNtOkycm2AEsVVLcWl8MMLSLNUayi9q0L3VLMIDAR1HBO_Sl-wOa3n0BWrNjFhKKVb2K1twui1WfHjXqCfibvlj4Bj-nHj01bOWqeUvLpPtGWur6bW4Al3DEBISyj6TCc3duwo9la6zb7xWBCru8-y6oDFQe9AEvuWs2Ad9no4iN1zJ84IeonDBJcPaYOCq8wOThfeVj5iJkEANwg4f0x2qjpB8N4YQTlCqP7xg73is2I38H3zt0mJ-Urv0UwmcI3g-07o0qBRoE3laUEkHYh4AMFjkwlCiJa6jEZorSs4JPw11Xp_Y0EJeasJ4gVXNsOcG2WM5ZDKRiSpax4bN22KSjSgQhWUcEm8opnjPjczfwOU0G4kIQuh35XWxwFo6Mq1fG0ac9ie3XSy02SWhGTslaYqeHp7P8YSTNmNCqVgiE-Po-gumAg0xHfX2g0ftukjMwrbt6GbafXNSZfcpLa1TaPe7avh_YQkI8NkkkjU1tCc6dD0-H5x5WgDOCfVDR8C_Gt6e4fu5xHT808S3idbCulL6oZtXPHBaZIV__p84g8awb4F7I_GgP4ragiOUpoS2px8POducy-8dybz1vhg5HE4XfJZ-GM9HK3sD6f1dOSjnWuowffAsheVufGZ7l1s8doN1idAXfHjK5Aslo-ebhATg90QJOJJjZYtS04v0K7kzGU2Z21fWs6hhjzjcCgiDv2Hx-OXnFNxRMAFW7iEqYZI1t1HwFQsgNYC-qCxXCHG7vX-DlKWmrGjOuIJGzOH9-6B8-KAbUyjZOiSlGiZtAeRZwNHcdwgeOSR9Y_mTB4zIheJwMtOex1Ab48jsw-2KLEWKX6K_U5pnTOKIadUlmu6IQCze_Sn70S76hHfal8MhMmzXWhId-3tR8VMZmZNfjw15kaWvV19T6v6qchqJj671qkoaWgf_cvItB7emYL1k0IDDakDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5A9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXUkVIy5nYYOZJozc7gO_zKzQDgAAAAA4AeAEAg&bg=!eHulez_NAAbGFvHlxhY7ACkAdvg8WjZchOQgvmQj76OxOO5olZOcUodEQ8RVrDQODHIMnbd1eXi0jAIAAAeYUgAAAAtoAQeZAsNEhT62GjkD52GWga7bDebLf6HTYfTeC61KxHTrkfhuxKqXQkI4C6EO7VQKMmRWidVgig3NE6Yvlr87Pym-WXv5w37ZcmIlNJ0PC4L4E1V4P61osc-_VJAQsplMozlwkGSbGluWiLNNaCrU1AUb0OVHw-R_I6LHAgWzxZv9juQyxps9pPU1wAEKrfKP12aZcoyHLZy82a8yNIn4YJyXEKaJWFsfkLs24A0brit6JdxdNg5iG_n9H4Pz7ScwdFMbDDiyjrNfaj9XDXZJZuPBg4tiK6Ap4Z_jdwD5YfkS-oQFyahEF5fUJodkk_b63wU4MSfYHmGVM9BYNzCWt_asx5-8Fl1jYIUjn2q6xjiuSNqfK3wf3Ue0IHniZzWSeygzHA1g72_BXS8WIHk87SDMIL5ASuGh4s4zjoUBUWsAoArO-a3sYdcGbB7PKOCiz7kousM_ijyaaY4DlaVkHs4BWD2LHj3N7usbFAsst9D-Xvu2oDTOE1zfl67eh0W9pg2eUF167ZIlQKWDC-Zxlbo4Pu8t7i9La-ct2zc5_OoH5nhZ1485pc5tpX_Lwd1d6dIlMeTvqG_f0o84Ae9cRTDGSrpUG1bydDPzKLsBU3BKlDJBJhJ4EwcB0uSoh5IJX40DQPBaC2j4BFelBXxz-JBZmgRmSKbw0bysOlCNcNhL_qMLAt6HxuLRIJmYC2tUfrvtPkWq2j8gPz3-_ImZcHlsNne21t8MNHDEvSOhSdW9rE39Xb6FCY7EeoJA9OMaQPJGgMgS-nX2MUkc3JjHzm4_x8fu-OCvtJk0kXshTr7iYziCH1gorFhRwHBzgkA37o2LW4szNfbBx_LUHQ7yH_mnXZ_ABtBri-Jo3JkX62e96T4vmnhgYOtmeNi5BHTEA8vbwJhLRo8sGcfqcQJWOt9jheCfYApX2lRXeFGDA8CoG8tFmTyQ3w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3140 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60526748&p=156696&s=269885&a=0&ptask=DSP&np=0&fp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f0ab60d9650741b87ac789f80a7ec5fd117800787b68085f1ec60dca4f2950ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1937
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 8599
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=405855181577769890
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=405855181577769890
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=405855181577769890
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C; chkChromeAb67Sec=1; SyncRTB3=1635292800%3A8_220_21_13_54_161_56_7_3%7C1635379200%3A35; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&16514-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&23025-CAESEIK-vNmaHiHB7QQ4HcrbcSk; PugT=1634151974; KRTBCOOKIE_153=19420-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM&KRTB&22979-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM; KRTBCOOKIE_57=22776-580923692186269670; KRTBCOOKIE_27=16735-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&16736-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23019-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23114-uid:50066167-2e23-4200-b5ed-83ea8910f6fa; KRTBCOOKIE_377=6810-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&22918-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&23031-1477a98c-c8a7-46df-ac54-fc4002216f30; KRTBCOOKIE_391=22924-3262634136460960445&KRTB&23263-3262634136460960445
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 13 Oct 2021 19:06:14 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-405855181577769890; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 12-Nov-2021 19:06:14 GMT; path=/ PugT=1634151974; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 12-Nov-2021 19:06:14 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 11-Jan-2022 19:06:14 GMT; path=/
x-lat
lhrpug015:0:435
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=405855181577769890
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 9237
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
111 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C; chkChromeAb67Sec=1; SyncRTB3=1635292800%3A8_220_21_13_54_161_56_7_3%7C1635379200%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 13 Oct 2021 19:06:14 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 11-Jan-2022 19:06:14 GMT; path=/
x-lat
lhrpug019:0:466
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Wed, 13 Oct 2021 19:06:14 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Wed, 13 Oct 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6955224
Pug
image2.pubmatic.com/AdServer/ Frame 3140
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDA1MUEyNEEtNDlDMi00Nzk3LTk4N0YtNzI0RUU2NjgxRDVD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:14 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:384
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3140
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIK-vNmaHiHB7QQ4HcrbcSk&google_cver=1
42 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIK-vNmaHiHB7QQ4HcrbcSk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:14 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:308
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIK-vNmaHiHB7QQ4HcrbcSk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 3140 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 12 Oct 2021 19:06:14 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3140
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1477a98c-c8a7-46df-ac54-fc4002216f30
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1477a98c-c8a7-46df-ac54-fc4002216f30
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:14 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:347
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1477a98c-c8a7-46df-ac54-fc4002216f30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 3140
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3262634136460960445
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3262634136460960445
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:14 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:680
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:14 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3262634136460960445
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 3140
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:50066167-2e23-4200-b5ed-83ea8910f6fa&gdpr=0&gdpr_consent=
42 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:50066167-2e23-4200-b5ed-83ea8910f6fa&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:14 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:394
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 13 Oct 2021 19:06:14 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:50066167-2e23-4200-b5ed-83ea8910f6fa&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 13 Oct 2021 19:06:13 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3140
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=580923692186269670&gdpr=0&gdpr_consent=
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=580923692186269670&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:14 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:472
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:14 GMT
X-Proxy-Origin
216.131.114.109; 216.131.114.109; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e7750a06-db1a-4d19-af5f-3da6f5ea3524
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=580923692186269670&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3140
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM
42 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:14 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:373
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:14 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
yv
beap-bc.yahoo.com/ Frame E244 		43 B
313 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://beap-bc.yahoo.com/yv?sek=7359516153573995647:1634151971152&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=KZWzH70kDroKLW0VvoERz8gWHXigqIF9e6NaZMR0tPMFMpWGiTSE-cdoEkiTlrNNyFdINEDy0YH-4wGOkMxRpnaJOx4qgH1BtWk7sZ_-z7rU_M-eC5xcxmiC8t9EQ1BhEVti2ab3gweLCgM0z36T7U8J20IBWC-07zXJGq0dbddb803a1iLniYRHzKJFCz2tNShYAzRScWY0qK_J1tG2OPHq_tUMI22vkvWEyi5mAvc&iv=100&v=1&m=2&r=1634151975516&im=1&b=100&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7
Requested by
Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 13 Oct 2021 19:06:15 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
x-xss-protection
1; mode=block
cache-control
no-cache, private
content-type
image/gif
content-length
43
x-content-type-options
nosniff
accept-charset
utf-8
yv
beap-bc.yahoo.com/ Frame 1099 		43 B
82 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://beap-bc.yahoo.com/yv?sek=9154366508332206292:1634151971159&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=gWLq6AdcT6fOoEUjULdbqNCItL6QPpRPh3oQZceDp0XZzzUkUTKulGwgt8pa9w_WzrqMSMchnFmetds6WQTjI0ls0Fy13Rkn4rCA_EPg_-tSpX5RdXcw0VVKfrYr00kXFU0xuiF8xctGgqB-KqP7RzI5mmae1sMm4KVkp946p5e1D5iw0MwrAX6No4zi8YlFtV06WnJFpjuukDG3nyXYG1wFglwL1ApaUolB3Qligcw&iv=100&v=1&m=2&r=1634151975563&im=1&b=5&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7
Requested by
Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside-5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://anotepad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 13 Oct 2021 19:06:15 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
x-xss-protection
1; mode=block
cache-control
no-cache, private
content-type
image/gif
content-length
43
x-content-type-options
nosniff
accept-charset
utf-8
SPug
simage4.pubmatic.com/AdServer/ Frame 3140 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
ssc-cms.33across.com/ps/ Frame 0FB4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cNQLIgg3Or7iD1aKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=cNQLIgg3Or7iD1aKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Wed, 13 Oct 2021 19:06:16 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9044 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://anotepad.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=580923692186269670
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 13 Oct 2021 19:06:17 GMT
Age
50225
X-Served-By
cache-lga21949-LGA, cache-hhn4071-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 932536
X-Timer
S1634151977.290962,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame C1C8 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C; chkChromeAb67Sec=1; SyncRTB3=1635292800%3A8_220_21_13_54_161_56_7_3%7C1635379200%3A35; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&16514-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&23025-CAESEIK-vNmaHiHB7QQ4HcrbcSk; PugT=1634151974; KRTBCOOKIE_153=19420-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM&KRTB&22979-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM; KRTBCOOKIE_57=22776-580923692186269670; KRTBCOOKIE_27=16735-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&16736-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23019-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23114-uid:50066167-2e23-4200-b5ed-83ea8910f6fa; KRTBCOOKIE_377=6810-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&22918-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&23031-1477a98c-c8a7-46df-ac54-fc4002216f30; KRTBCOOKIE_391=22924-3262634136460960445&KRTB&23263-3262634136460960445; KRTBCOOKIE_336=5844-405855181577769890; SPugT=1634151976
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=76901
expires
Thu, 14 Oct 2021 16:27:58 GMT
date
Wed, 13 Oct 2021 19:06:17 GMT
vary
Accept-Encoding
iframe
mantodea.mantisadnetwork.com/prebid/ Frame 96D2 		250 B
487 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1634151971273&secure=true&version=9&uuid=e8ee395f-23a7-468f-b509-e92ed9d74faf&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.147.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-147-122.compute-1.amazonaws.com
Software
/ Express
Resource Hash
df81f27eecd20dc520adc28394b76f0af92e595f2b0bf085abaeff111b48e84b

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?tz=0&buster=1634151971273&secure=true&version=9&uuid=e8ee395f-23a7-468f-b509-e92ed9d74faf&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
cookie
uuid=53277fe8-1438-490f-a338-a57130ce7760
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
text/html; charset=utf-8
content-length
250
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"fa-cNq81bdjYHNg1+/tWtLuNZ4Fatc"
ixmatch.html
js-sec.indexww.com/um/ Frame A896 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://anotepad.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 13 Oct 2021 19:06:17 GMT
Connection
keep-alive
iframe
mantodea.mantisadnetwork.com/prebid/ Frame 8D29 		250 B
487 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1634151971243&secure=true&version=9&uuid=e8ee395f-23a7-468f-b509-e92ed9d74faf&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.147.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-147-122.compute-1.amazonaws.com
Software
/ Express
Resource Hash
df81f27eecd20dc520adc28394b76f0af92e595f2b0bf085abaeff111b48e84b

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?tz=0&buster=1634151971243&secure=true&version=9&uuid=e8ee395f-23a7-468f-b509-e92ed9d74faf&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
cookie
uuid=53277fe8-1438-490f-a338-a57130ce7760
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
text/html; charset=utf-8
content-length
250
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"fa-cNq81bdjYHNg1+/tWtLuNZ4Fatc"
usync.html
eus.rubiconproject.com/ Frame 0686 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://anotepad.com/
Accept-Encoding
gzip, deflate, br
Cookie
khaos=KUPVW2M4-23-GWKJ; rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVwnwYaQOmrhRqqbYb+IjI/LQRqus1OnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG6qEKdWU6r+VKDRWVv/VO/a+hEPPQ==; audit=1|hLZGFuTafB1xHO3ZIGcdwwl6iaFq5H9E65HkMoHfumD2QI370TZ44D4QikRz8kbZ4HEYI5ehIrWMOGVKCaaiLdzpQ7vzkXQ/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Oct 2021 19:06:17 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6F87 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C; chkChromeAb67Sec=1; SyncRTB3=1635292800%3A8_220_21_13_54_161_56_7_3%7C1635379200%3A35; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&16514-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&23025-CAESEIK-vNmaHiHB7QQ4HcrbcSk; PugT=1634151974; KRTBCOOKIE_153=19420-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM&KRTB&22979-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM; KRTBCOOKIE_57=22776-580923692186269670; KRTBCOOKIE_27=16735-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&16736-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23019-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23114-uid:50066167-2e23-4200-b5ed-83ea8910f6fa; KRTBCOOKIE_377=6810-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&22918-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&23031-1477a98c-c8a7-46df-ac54-fc4002216f30; KRTBCOOKIE_391=22924-3262634136460960445&KRTB&23263-3262634136460960445; KRTBCOOKIE_336=5844-405855181577769890; SPugT=1634151976
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=76901
expires
Thu, 14 Oct 2021 16:27:58 GMT
date
Wed, 13 Oct 2021 19:06:17 GMT
vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 3291 		1006 B
848 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
e4f9e20e5d9602f0d42125d8a5b146fa69140fa15a919b1d369e3f6bb8753629

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
cookie
i=09e0592b-6e94-4c2e-b800-bc290207e5e5|1634151970
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=09e0592b-6e94-4c2e-b800-bc290207e5e5|1634151970; Version=1; Expires=Thu, 13-Oct-2022 19:06:17 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1634151977|mOgeginskin0vNomiygu; Version=1; Expires=Thu, 28-Oct-2021 19:06:17 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.217.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
text/html
content-length
543
content-encoding
gzip
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame 0567 		1006 B
860 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
e4f9e20e5d9602f0d42125d8a5b146fa69140fa15a919b1d369e3f6bb8753629

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://anotepad.com/
accept-encoding
gzip, deflate, br
cookie
i=09e0592b-6e94-4c2e-b800-bc290207e5e5|1634151970
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=09e0592b-6e94-4c2e-b800-bc290207e5e5|1634151970; Version=1; Expires=Thu, 13-Oct-2022 19:06:17 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1634151977|mOgeginskin0vNomiygu; Version=1; Expires=Thu, 28-Oct-2021 19:06:17 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.217.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
text/html
content-length
543
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 1A10 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://anotepad.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 13 Oct 2021 19:06:17 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4E95 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://anotepad.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=580923692186269670
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 13 Oct 2021 19:06:17 GMT
Age
50226
X-Served-By
cache-lga21949-LGA, cache-hhn4069-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 935953
X-Timer
S1634151977.290589,VS0,VE0
Vary
Accept-Encoding
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_uid=b817ecbe-4596-42f2-812d-121e492a4d7d
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_uid=b817ecbe-4596-42f2-812d-121e492a4d7d
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=9fd31095-4a89-42cb-88e2-2fb3d7416935&ssp=themediagrid
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=9fd31095-4a89-42cb-88e2-2fb3d7416935&ssp=themediagrid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.82.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-82-137.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://anotepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 19:06:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=9fd31095-4a89-42cb-88e2-2fb3d7416935&ssp=themediagrid
Date
Wed, 13 Oct 2021 19:06:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame C1C8 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=40779305&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
746aa36d35981bc97017199cff5b942efb2c047daa83357c279129422fb16651

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:16 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 480A 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=4051A24A-49C2-4797-987F-724EE6681D5C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=4051A24A-49C2-4797-987F-724EE6681D5C
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1; uid=3262634136460960445
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=3262634136460960445; expires=Sun, 12 Dec 2021 19:06:17 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 7151
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7018629302215702668
42 B
365 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7018629302215702668
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7018629302215702668
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&16514-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&23025-CAESEIK-vNmaHiHB7QQ4HcrbcSk; KRTBCOOKIE_153=19420-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM&KRTB&22979-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM; KRTBCOOKIE_57=22776-580923692186269670; KRTBCOOKIE_27=16735-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&16736-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23019-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23114-uid:50066167-2e23-4200-b5ed-83ea8910f6fa; KRTBCOOKIE_377=6810-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&22918-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&23031-1477a98c-c8a7-46df-ac54-fc4002216f30; KRTBCOOKIE_391=22924-3262634136460960445&KRTB&23263-3262634136460960445; KRTBCOOKIE_336=5844-405855181577769890; SPugT=1634151976; DPSync3=1634169600%3A174%7C1635292800%3A197_219_201; SyncRTB3=1636675200%3A203%7C1634947200%3A63%7C1635379200%3A35%7C1639267200%3A69%7C1635292800%3A21_56_57_8_13_55_234_81_222_220_231_104_161_88_7_166_204_165_189_71_22_230_176_54_3_99_5_233%7C1634688000%3A223_15_2; KRTBCOOKIE_218=22978-YWcuIwAI3Dkr6gAT&KRTB&23194-YWcuIwAI3Dkr6gAT&KRTB&23209-YWcuIwAI3Dkr6gAT&KRTB&23244-YWcuIwAI3Dkr6gAT; KRTBCOOKIE_409=22966-pUBnjyMuCN86HOs5w0aFXpDa; KRTBCOOKIE_22=14911-2417546668163973526; KRTBCOOKIE_107=1471-uid:heZBLr3p1MAJzX5; KRTBCOOKIE_188=3189-19ddf919-9d85-4694-a31e-99813f5eb0f0-61672e29-5553; KRTBCOOKIE_594=17107-RX-d4cfffca-1acd-41f0-9345-444160c45c87-003; KRTBCOOKIE_466=16530-b817ecbe-4596-42f2-812d-121e492a4d7d; KRTBCOOKIE_699=22727-AAB7k07CzlwAABYbmZ_6bQ; chkChromeAb67Sec=3; KRTBCOOKIE_860=16335-dxwe_XiuRmxQmUo1KPzaFNiDcm0; KRTBCOOKIE_279=22890-a4f6459b-2c58-11ec-932f-e7cb121077e6&KRTB&23011-a4f6459b-2c58-11ec-932f-e7cb121077e6; PugT=1634151978
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 13 Oct 2021 19:06:18 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7018629302215702668; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 12-Nov-2021 19:06:18 GMT; path=/ PugT=1634151978; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 12-Nov-2021 19:06:18 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 11-Jan-2022 19:06:18 GMT; path=/
x-lat
lhrpug007:0:982
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 13 Oct 2021 19:06:18 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7018629302215702668; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7018629302215702668
Pug
image2.pubmatic.com/AdServer/ Frame 74DB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKN1NrN0N6bHdBQUdZcnFuU1lBdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB7k07CzlwAABYbmZ_6bQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7129270743775468267
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB7k07CzlwAABYbmZ_6bQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7129270743775468267%26bee_sync_partners%3Dpm%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=7129270743775468267&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAB7k07CzlwAABYbmZ_6bQ&pid=558502&d...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB7k07CzlwAABYbmZ_6bQ
42 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB7k07CzlwAABYbmZ_6bQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB7k07CzlwAABYbmZ_6bQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&16514-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&23025-CAESEIK-vNmaHiHB7QQ4HcrbcSk; KRTBCOOKIE_153=19420-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM&KRTB&22979-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM; KRTBCOOKIE_57=22776-580923692186269670; KRTBCOOKIE_27=16735-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&16736-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23019-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23114-uid:50066167-2e23-4200-b5ed-83ea8910f6fa; KRTBCOOKIE_377=6810-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&22918-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&23031-1477a98c-c8a7-46df-ac54-fc4002216f30; KRTBCOOKIE_391=22924-3262634136460960445&KRTB&23263-3262634136460960445; KRTBCOOKIE_336=5844-405855181577769890; SPugT=1634151976; DPSync3=1634169600%3A174%7C1635292800%3A197_219_201; SyncRTB3=1636675200%3A203%7C1634947200%3A63%7C1635379200%3A35%7C1639267200%3A69%7C1635292800%3A21_56_57_8_13_55_234_81_222_220_231_104_161_88_7_166_204_165_189_71_22_230_176_54_3_99_5_233%7C1634688000%3A223_15_2; KRTBCOOKIE_218=22978-YWcuIwAI3Dkr6gAT&KRTB&23194-YWcuIwAI3Dkr6gAT&KRTB&23209-YWcuIwAI3Dkr6gAT&KRTB&23244-YWcuIwAI3Dkr6gAT; PugT=1634151977; KRTBCOOKIE_409=22966-pUBnjyMuCN86HOs5w0aFXpDa; KRTBCOOKIE_22=14911-2417546668163973526; KRTBCOOKIE_107=1471-uid:heZBLr3p1MAJzX5; KRTBCOOKIE_188=3189-19ddf919-9d85-4694-a31e-99813f5eb0f0-61672e29-5553; KRTBCOOKIE_594=17107-RX-d4cfffca-1acd-41f0-9345-444160c45c87-003; KRTBCOOKIE_466=16530-b817ecbe-4596-42f2-812d-121e492a4d7d; KRTBCOOKIE_699=22727-AAB7k07CzlwAABYbmZ_6bQ; chkChromeAb67Sec=3; KRTBCOOKIE_860=16335-dxwe_XiuRmxQmUo1KPzaFNiDcm0; KRTBCOOKIE_279=22890-a4f6459b-2c58-11ec-932f-e7cb121077e6&KRTB&23011-a4f6459b-2c58-11ec-932f-e7cb121077e6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 13 Oct 2021 19:06:18 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_699=22727-AAB7k07CzlwAABYbmZ_6bQ; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 12-Nov-2021 19:06:18 GMT; path=/ PugT=1634151978; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 12-Nov-2021 19:06:18 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 11-Jan-2022 19:06:18 GMT; path=/
x-lat
lhrpug012:0:492
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Wed, 13 Oct 2021 19:06:18 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB7k07CzlwAABYbmZ_6bQ
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame D630
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&16514-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&23025-CAESEIK-vNmaHiHB7QQ4HcrbcSk; KRTBCOOKIE_153=19420-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM&KRTB&22979-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM; KRTBCOOKIE_57=22776-580923692186269670; KRTBCOOKIE_27=16735-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&16736-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23019-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23114-uid:50066167-2e23-4200-b5ed-83ea8910f6fa; KRTBCOOKIE_377=6810-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&22918-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&23031-1477a98c-c8a7-46df-ac54-fc4002216f30; KRTBCOOKIE_391=22924-3262634136460960445&KRTB&23263-3262634136460960445; KRTBCOOKIE_336=5844-405855181577769890; SPugT=1634151976; chkChromeAb67Sec=2; DPSync3=1634169600%3A174%7C1635292800%3A197_219_201; SyncRTB3=1636675200%3A203%7C1634947200%3A63%7C1635379200%3A35%7C1639267200%3A69%7C1635292800%3A21_56_57_8_13_55_234_81_222_220_231_104_161_88_7_166_204_165_189_71_22_230_176_54_3_99_5_233%7C1634688000%3A223_15_2; KRTBCOOKIE_218=22978-YWcuIwAI3Dkr6gAT&KRTB&23194-YWcuIwAI3Dkr6gAT&KRTB&23209-YWcuIwAI3Dkr6gAT&KRTB&23244-YWcuIwAI3Dkr6gAT; PugT=1634151977; KRTBCOOKIE_409=22966-pUBnjyMuCN86HOs5w0aFXpDa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug006:2:320
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=69ce1f37-5276-4953-a632-2eede52dd749; path=/; domain=csync.loopme.me; Expires=Sat, 13-Nov-2021 19:06:17 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Wed, 13 Oct 2021 19:06:17 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame DB38
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4869990950
  • https://sync.1rx.io/usersync/tradedesk/1477a98c-c8a7-46df-ac54-fc4002216f30
  • https://sync.targeting.unrulymedia.com/csync/RX-d4cfffca-1acd-41f0-9345-444160c45c87-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d4cfffca-1acd-41f0-9345-444160c45c87-003
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d4cfffca-1acd-41f0-9345-444160c45c87-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d4cfffca-1acd-41f0-9345-444160c45c87-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&16514-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&23025-CAESEIK-vNmaHiHB7QQ4HcrbcSk; KRTBCOOKIE_153=19420-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM&KRTB&22979-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM; KRTBCOOKIE_57=22776-580923692186269670; KRTBCOOKIE_27=16735-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&16736-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23019-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23114-uid:50066167-2e23-4200-b5ed-83ea8910f6fa; KRTBCOOKIE_377=6810-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&22918-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&23031-1477a98c-c8a7-46df-ac54-fc4002216f30; KRTBCOOKIE_391=22924-3262634136460960445&KRTB&23263-3262634136460960445; KRTBCOOKIE_336=5844-405855181577769890; SPugT=1634151976; chkChromeAb67Sec=2; DPSync3=1634169600%3A174%7C1635292800%3A197_219_201; SyncRTB3=1636675200%3A203%7C1634947200%3A63%7C1635379200%3A35%7C1639267200%3A69%7C1635292800%3A21_56_57_8_13_55_234_81_222_220_231_104_161_88_7_166_204_165_189_71_22_230_176_54_3_99_5_233%7C1634688000%3A223_15_2; KRTBCOOKIE_218=22978-YWcuIwAI3Dkr6gAT&KRTB&23194-YWcuIwAI3Dkr6gAT&KRTB&23209-YWcuIwAI3Dkr6gAT&KRTB&23244-YWcuIwAI3Dkr6gAT; PugT=1634151977; KRTBCOOKIE_409=22966-pUBnjyMuCN86HOs5w0aFXpDa; KRTBCOOKIE_22=14911-2417546668163973526; KRTBCOOKIE_107=1471-uid:heZBLr3p1MAJzX5; KRTBCOOKIE_188=3189-19ddf919-9d85-4694-a31e-99813f5eb0f0-61672e29-5553
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17107-RX-d4cfffca-1acd-41f0-9345-444160c45c87-003; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 12-Nov-2021 19:06:17 GMT; path=/ PugT=1634151977; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 12-Nov-2021 19:06:17 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 11-Jan-2022 19:06:17 GMT; path=/
x-lat
lhrpug015:0:418
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-d4cfffca-1acd-41f0-9345-444160c45c87-003%22%7D; path=/; expires=Thu, 13 Oct 2022 19:06:17 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d4cfffca-1acd-41f0-9345-444160c45c87-003
etag
RXd4cfffca1acd41f09345444160c45c87003
Pug
image2.pubmatic.com/AdServer/ Frame F62B
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=pUBnjyMuCN86HOs5w0aFXpDa
42 B
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=pUBnjyMuCN86HOs5w0aFXpDa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=pUBnjyMuCN86HOs5w0aFXpDa
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&16514-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&23025-CAESEIK-vNmaHiHB7QQ4HcrbcSk; PugT=1634151974; KRTBCOOKIE_153=19420-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM&KRTB&22979-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM; KRTBCOOKIE_57=22776-580923692186269670; KRTBCOOKIE_27=16735-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&16736-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23019-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23114-uid:50066167-2e23-4200-b5ed-83ea8910f6fa; KRTBCOOKIE_377=6810-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&22918-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&23031-1477a98c-c8a7-46df-ac54-fc4002216f30; KRTBCOOKIE_391=22924-3262634136460960445&KRTB&23263-3262634136460960445; KRTBCOOKIE_336=5844-405855181577769890; SPugT=1634151976; chkChromeAb67Sec=2; DPSync3=1634169600%3A174%7C1635292800%3A197_219_201; SyncRTB3=1636675200%3A203%7C1634947200%3A63%7C1635379200%3A35%7C1639267200%3A69%7C1635292800%3A21_56_57_8_13_55_234_81_222_220_231_104_161_88_7_166_204_165_189_71_22_230_176_54_3_99_5_233%7C1634688000%3A223_15_2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-pUBnjyMuCN86HOs5w0aFXpDa; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 12-Nov-2021 19:06:17 GMT; path=/ PugT=1634151977; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 12-Nov-2021 19:06:17 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 11-Jan-2022 19:06:17 GMT; path=/
x-lat
lhrpug011:0:393
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Wed, 13 Oct 2021 19:06:17 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=pUBnjyMuCN86HOs5w0aFXpDa; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=pUBnjyMuCN86HOs5w0aFXpDa
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame 4B79 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Wed, 13 Oct 2021 19:06:17 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-6
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
dpe
ad4m.at/ad/ Frame B83F 		15 B
915 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69dad8229a0b2488-FRA
i.match
s.tribalfusion.com/z/ Frame 68B8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ANON_ID=a5noeUsjyDymTFMcEJry5oOVMTYc33TTQw75GOYe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aunseFwl6h6bQQwbQQqHWZaj6nC594ZalorwSpQqxFPDvaQP0qnoOhRQRYifro1SZbF5WDMbF0kCI5lYNZc6gyaL; path=/; domain=.tribalfusion.com; expires=Tue, 11-Jan-2022 19:06:17 GMT; SameSite=None; Secure; ANON_ID_old=aunseFwl6h6bQQwbQQqHWZaj6nC594ZalorwSpQqxFPDvaQP0qnoOhRQRYifro1SZbF5WDMbF0kCI5lYNZc6gyaL; path=/; domain=.tribalfusion.com; expires=Tue, 11-Jan-2022 19:06:17 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69dad823aa06176a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
428
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=a5noeUsjyDymTFMcEJry5oOVMTYc33TTQw75GOYe; path=/; domain=.tribalfusion.com; expires=Tue, 11-Jan-2022 19:06:17 GMT; SameSite=None; Secure; ANON_ID_old=a5noeUsjyDymTFMcEJry5oOVMTYc33TTQw75GOYe; path=/; domain=.tribalfusion.com; expires=Tue, 11-Jan-2022 19:06:17 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69dad8229862176a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame B1E3
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=392d9e7a-0486-4aa0-b5b7-08fd4c96584c-tuct860b3a9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=392d9e7a-0486-4aa0-b5b7-08fd4c96584c-tuct860b3a9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=392d9e7a-0486-4aa0-b5b7-08fd4c96584c-tuct860b3a9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
t_gid=392d9e7a-0486-4aa0-b5b7-08fd4c96584c-tuct860b3a9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 13 Oct 2021 19:06:20 GMT
via
1.1 varnish
x-served-by
cache-fra19138-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1634151980.128402,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=392d9e7a-0486-4aa0-b5b7-08fd4c96584c-tuct860b3a9;Version=1;Path=/;Domain=.taboola.com;Expires=Thu, 13-Oct-2022 19:06:17 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=392d9e7a-0486-4aa0-b5b7-08fd4c96584c-tuct860b3a9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Wed, 13 Oct 2021 19:06:20 GMT
via
1.1 varnish
x-served-by
cache-fra19138-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1634151980.094695,VS0,VE9
x-vcl-time-ms
9
content-length
0
141
match.deepintent.com/usersync/ Frame EF53 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Wed, 13 Oct 2021 19:06:17 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 5592
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:heZBLr3p1MAJzX5&gdpr=0&gdpr_consent=
42 B
212 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:heZBLr3p1MAJzX5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:heZBLr3p1MAJzX5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&16514-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&23025-CAESEIK-vNmaHiHB7QQ4HcrbcSk; KRTBCOOKIE_153=19420-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM&KRTB&22979-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM; KRTBCOOKIE_57=22776-580923692186269670; KRTBCOOKIE_27=16735-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&16736-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23019-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23114-uid:50066167-2e23-4200-b5ed-83ea8910f6fa; KRTBCOOKIE_377=6810-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&22918-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&23031-1477a98c-c8a7-46df-ac54-fc4002216f30; KRTBCOOKIE_391=22924-3262634136460960445&KRTB&23263-3262634136460960445; KRTBCOOKIE_336=5844-405855181577769890; SPugT=1634151976; chkChromeAb67Sec=2; DPSync3=1634169600%3A174%7C1635292800%3A197_219_201; SyncRTB3=1636675200%3A203%7C1634947200%3A63%7C1635379200%3A35%7C1639267200%3A69%7C1635292800%3A21_56_57_8_13_55_234_81_222_220_231_104_161_88_7_166_204_165_189_71_22_230_176_54_3_99_5_233%7C1634688000%3A223_15_2; KRTBCOOKIE_218=22978-YWcuIwAI3Dkr6gAT&KRTB&23194-YWcuIwAI3Dkr6gAT&KRTB&23209-YWcuIwAI3Dkr6gAT&KRTB&23244-YWcuIwAI3Dkr6gAT; PugT=1634151977; KRTBCOOKIE_409=22966-pUBnjyMuCN86HOs5w0aFXpDa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:heZBLr3p1MAJzX5; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 11-Jan-2022 19:06:17 GMT; path=/ PugT=1634151977; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 12-Nov-2021 19:06:17 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 11-Jan-2022 19:06:17 GMT; path=/
x-lat
lhrpug009:0:456
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Wed, 13 Oct 2021 19:06:17 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:heZBLr3p1MAJzX5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/8a430fa#rel-ec2-master i-0fc5286985aeff2d6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=heZBLr3p1MAJzX5; Domain=.w55c.net; Expires=Sun, 13-Nov-2022 19:06:17 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Fri, 12-Nov-2021 19:06:17 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
match_redirect
um.simpli.fi/ Frame 39BD
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
43 B
361 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
um.simpli.fi
:scheme
https
:path
/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
suid=188C7BC606E34701BFD67991850CF15D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
image/gif
content-length
43
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

Server
nginx
Date
Wed, 13 Oct 2021 19:06:17 GMT
Content-Length
0
Connection
keep-alive
Set-Cookie
rx_sspurl_10738=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D4c0cbccf-e5a7-4f9f-bb4d-eac45623f074; domain=.bnmla.com; path=/; SameSite=none; Secure; Expires=Wed, 13 Oct 2021 19:16:17 GMT rx_uuid=4c0cbccf-e5a7-4f9f-bb4d-eac45623f074; domain=.bnmla.com; path=/; SameSite=none; Secure; Expires=Thu, 28 Oct 2021 19:06:17 GMT rx_maxage_10738=1635447977; domain=.bnmla.com; path=/; SameSite=none; Secure; Expires=Thu, 28 Oct 2021 19:06:17 GMT rx_sspid_10738=6; domain=.bnmla.com; path=/; SameSite=none; Secure; Expires=Wed, 13 Oct 2021 19:16:17 GMT
Location
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
Pug
simage2.pubmatic.com/AdServer/ Frame BE68
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:188C7BC606E34701BFD67991850CF15D
1 B
164 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:188C7BC606E34701BFD67991850CF15D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:188C7BC606E34701BFD67991850CF15D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&16514-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&23025-CAESEIK-vNmaHiHB7QQ4HcrbcSk; PugT=1634151974; KRTBCOOKIE_153=19420-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM&KRTB&22979-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM; KRTBCOOKIE_57=22776-580923692186269670; KRTBCOOKIE_27=16735-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&16736-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23019-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23114-uid:50066167-2e23-4200-b5ed-83ea8910f6fa; KRTBCOOKIE_377=6810-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&22918-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&23031-1477a98c-c8a7-46df-ac54-fc4002216f30; KRTBCOOKIE_391=22924-3262634136460960445&KRTB&23263-3262634136460960445; KRTBCOOKIE_336=5844-405855181577769890; SPugT=1634151976; chkChromeAb67Sec=2; DPSync3=1634169600%3A174%7C1635292800%3A197_219_201; SyncRTB3=1636675200%3A203%7C1634947200%3A63%7C1635379200%3A35%7C1639267200%3A69%7C1635292800%3A21_56_57_8_13_55_234_81_222_220_231_104_161_88_7_166_204_165_189_71_22_230_176_54_3_99_5_233%7C1634688000%3A223_15_2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 11-Jan-2022 19:06:17 GMT; path=/
x-lat
lhrpug014:0:373
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
text/html
content-length
142
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:188C7BC606E34701BFD67991850CF15D
expires
Tue, 12 Oct 2021 19:06:17 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
simage2.pubmatic.com/AdServer/ Frame 6720
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dxwe_XiuRmxQmUo1KPzaFNiDcm0
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dxwe_XiuRmxQmUo1KPzaFNiDcm0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dxwe_XiuRmxQmUo1KPzaFNiDcm0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4051A24A-49C2-4797-987F-724EE6681D5C; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&16514-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&23025-CAESEIK-vNmaHiHB7QQ4HcrbcSk; KRTBCOOKIE_153=19420-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM&KRTB&22979-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM; KRTBCOOKIE_57=22776-580923692186269670; KRTBCOOKIE_27=16735-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&16736-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23019-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23114-uid:50066167-2e23-4200-b5ed-83ea8910f6fa; KRTBCOOKIE_377=6810-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&22918-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&23031-1477a98c-c8a7-46df-ac54-fc4002216f30; KRTBCOOKIE_391=22924-3262634136460960445&KRTB&23263-3262634136460960445; KRTBCOOKIE_336=5844-405855181577769890; SPugT=1634151976; DPSync3=1634169600%3A174%7C1635292800%3A197_219_201; SyncRTB3=1636675200%3A203%7C1634947200%3A63%7C1635379200%3A35%7C1639267200%3A69%7C1635292800%3A21_56_57_8_13_55_234_81_222_220_231_104_161_88_7_166_204_165_189_71_22_230_176_54_3_99_5_233%7C1634688000%3A223_15_2; KRTBCOOKIE_218=22978-YWcuIwAI3Dkr6gAT&KRTB&23194-YWcuIwAI3Dkr6gAT&KRTB&23209-YWcuIwAI3Dkr6gAT&KRTB&23244-YWcuIwAI3Dkr6gAT; PugT=1634151977; KRTBCOOKIE_409=22966-pUBnjyMuCN86HOs5w0aFXpDa; KRTBCOOKIE_22=14911-2417546668163973526; KRTBCOOKIE_107=1471-uid:heZBLr3p1MAJzX5; KRTBCOOKIE_188=3189-19ddf919-9d85-4694-a31e-99813f5eb0f0-61672e29-5553; KRTBCOOKIE_594=17107-RX-d4cfffca-1acd-41f0-9345-444160c45c87-003; KRTBCOOKIE_466=16530-b817ecbe-4596-42f2-812d-121e492a4d7d; KRTBCOOKIE_699=22727-AAB7k07CzlwAABYbmZ_6bQ; chkChromeAb67Sec=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-dxwe_XiuRmxQmUo1KPzaFNiDcm0; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 11-Jan-2022 19:06:17 GMT; path=/ PugT=1634151977; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 12-Nov-2021 19:06:17 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 11-Jan-2022 19:06:17 GMT; path=/
x-lat
lhrpug012:0:467
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Wed, 13 Oct 2021 19:06:17 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dxwe_XiuRmxQmUo1KPzaFNiDcm0
Set-Cookie
sa-user-id=s%3A0-771c1efd-78ae-466c-5099-4a3528fcda14.Va9PT0hHRdjCPlsT%2BljUyHt%2BkI2g8joE4%2Ff7KGNJ%2Bnw; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-771c1efd-78ae-466c-5099-4a3528fcda14%24ip%24216.131.114.109.57VThWXrxK127PfykuavkUK9WGW1bgy4IEenlZw5wo4; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C1C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QFGiSknCR5eYf3JO5mgdXA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=38018
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Thu, 14 Oct 2021 05:39:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C1C8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=50066167-2e23-4200-b5ed-83ea8910f6fa
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=50066167-2e23-4200-b5ed-83ea8910f6fa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 13 Oct 2021 19:06:17 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=50066167-2e23-4200-b5ed-83ea8910f6fa
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 13 Oct 2021 19:06:16 GMT
33141
tags.bluekai.com/site/ Frame C1C8
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=4051A24A-49C2-4797-987F-724EE6681D5C
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=adf0f4ffc908924b
62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=adf0f4ffc908924b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.72.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-72-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 19:06:18 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=adf0f4ffc908924b
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame C1C8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4051A24A-49C2-4797-987F-724EE6681D5C&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4051A24A-49C2-4797-987F-724EE6681D5C&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-74L8i5ZE2uWMT.A.Jr4nxkt1UVIUKlQ-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-74L8i5ZE2uWMT.A.Jr4nxkt1UVIUKlQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 13 Oct 2021 19:06:17 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-74L8i5ZE2uWMT.A.Jr4nxkt1UVIUKlQ-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
4051A24A-49C2-4797-987F-724EE6681D5C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C1C8 		43 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4051A24A-49C2-4797-987F-724EE6681D5C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.176 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
pr-bh-ing.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C1C8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3262634136460960445&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b817ecbe-4596-42f2-812d-121e492a4d7d&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b817ecbe-4596-42f2-812d-121e492a4d7d&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:336
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b817ecbe-4596-42f2-812d-121e492a4d7d&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 13 Oct 2021 19:06:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame C1C8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YWcuIwAI3Dkr6gAT&gdpr=0&gdpr_consent=
1 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YWcuIwAI3Dkr6gAT&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:485
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1634151977.357396,VS0,VE0
x-served-by
cache-hhn4055-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YWcuIwAI3Dkr6gAT&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame C1C8 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4051A24A-49C2-4797-987F-724EE6681D5C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.16.201 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams04-usadmm.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame C1C8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=19ddf919-9d85-4694-a31e-99813f5eb0f0-61672e29-5553&gdpr=0&gdpr_consent=
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=19ddf919-9d85-4694-a31e-99813f5eb0f0-61672e29-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:486
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:16 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=19ddf919-9d85-4694-a31e-99813f5eb0f0-61672e29-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C1C8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2417546668163973526&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2417546668163973526&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:374
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2417546668163973526&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 13 Oct 2021 19:06:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame C1C8
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c55f9c48-2d33-4738-a9ba-9209d72d983f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c55f9c48-2d33-4738-a9ba-9209d72d983f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:351
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c55f9c48-2d33-4738-a9ba-9209d72d983f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 13 Oct 2021 19:06:17 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame C1C8
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=580923692186269670
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=580923692186269670
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:282
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
X-Proxy-Origin
216.131.114.109; 216.131.114.109; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
742e1c8f-bb17-4d01-8a64-b86bf2c13f8f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=580923692186269670
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame C1C8 		35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame C1C8
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a4f6459b-2c58-11ec-932f-e7cb121077e6&gdpr=0&gdpr_consent=
1 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a4f6459b-2c58-11ec-932f-e7cb121077e6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:1248
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a4f6459b-2c58-11ec-932f-e7cb121077e6&gdpr=0&gdpr_consent=
Date
Wed, 13 Oct 2021 19:06:17 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
a4f6459c-2c58-11ec-932f-e7cb121077e6
usync.js
eus.rubiconproject.com/ Frame 0686 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 19:06:17 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43055
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Thu, 14 Oct 2021 07:03:52 GMT
sd
eu-u.openx.net/w/1.0/ Frame 0567
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=heZBLr3p1MAJzX5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=heZBLr3p1MAJzX5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:16 GMT
Server
PingMatch/8a430fa#rel-ec2-master i-0d1d523a9a3a6e567@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=heZBLr3p1MAJzX5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0567
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=b817ecbe-4596-42f2-812d-121e492a4d7d
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=ec0c6671-8053-41e7-b8b5-29277fcc1c56&expires=10&ssp=openx&bsw_param=b817ecbe-4596-42f2-812d-121e492a4d7d
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=b817ecbe-4596-42f2-812d-121e492a4d7d
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=b817ecbe-4596-42f2-812d-121e492a4d7d
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=b817ecbe-4596-42f2-812d-121e492a4d7d
Date
Wed, 13 Oct 2021 19:06:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame 0567
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=580923692186269670
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=580923692186269670
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
X-Proxy-Origin
216.131.114.109; 216.131.114.109; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
86205465-2d1f-42bc-9a16-da9aa365e3d6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=580923692186269670
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0567
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCN2swN0N6bHdBQUJZYm1aXzZiUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB7k07CzlwAABYbmZ_6bQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB7k07CzlwAABYbmZ_6bQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAB7k07CzlwAABYbmZ_6bQ&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB7k07CzlwAABYbmZ_6bQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=2640019365190326786
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAB7k07CzlwAABYbmZ_6bQ
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAB7k07CzlwAABYbmZ_6bQ
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:18 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAB7k07CzlwAABYbmZ_6bQ
Date
Wed, 13 Oct 2021 19:06:18 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame 0567
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=50066167-2e23-4200-b5ed-83ea8910f6fa
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=50066167-2e23-4200-b5ed-83ea8910f6fa
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 13 Oct 2021 19:06:17 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x9 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=50066167-2e23-4200-b5ed-83ea8910f6fa
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 13 Oct 2021 19:06:16 GMT
sd
us-u.openx.net/w/1.0/ Frame 0567
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=r7gPmavsC520vQ-XoeoUm6-5Cc20vw-doLvHM4Ql
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=r7gPmavsC520vQ-XoeoUm6-5Cc20vw-doLvHM4Ql
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=r7gPmavsC520vQ-XoeoUm6-5Cc20vw-doLvHM4Ql
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 0567
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3262634136460960445
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3262634136460960445
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3262634136460960445
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 0567 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=da4c6672-c713-73d9-e2d6-74c16620d618&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0567 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjYyM2I1YjgtMGU2NC0yZDdkLWY3MzYtMmU3OGFjYzIxODc4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0567
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoK4fM6GiUw4QjpWoWS2bE&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoK4fM6GiUw4QjpWoWS2bE&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoK4fM6GiUw4QjpWoWS2bE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 3291
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=heZBLr3p1MAJzX5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=heZBLr3p1MAJzX5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:16 GMT
Server
PingMatch/8a430fa#rel-ec2-master i-05ae7cfac7fab7b17@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=heZBLr3p1MAJzX5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3291
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=b817ecbe-4596-42f2-812d-121e492a4d7d
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=b817ecbe-4596-42f2-812d-121e492a4d7d
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=0996444b-9ba3-4bc5-8923-398e9d97941b&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=b817ecbe-4596-42f2-812d-121e492a4d7d
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=b817ecbe-4596-42f2-812d-121e492a4d7d
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:18 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=b817ecbe-4596-42f2-812d-121e492a4d7d
Date
Wed, 13 Oct 2021 19:06:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame 3291
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=580923692186269670
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=580923692186269670
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
X-Proxy-Origin
216.131.114.109; 216.131.114.109; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
65a296b9-a444-48a3-8bd1-d227a1fbaf82
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=580923692186269670
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3291
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB7k07CzlwAABYbmZ_6bQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB7k07CzlwAABYbmZ_6bQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=ox&bee_sync_hop_count=2&userid=2640019365190326786
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB7k07CzlwAABYbmZ_6bQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D2640019365190326786%26bee_sync_partners%3Dox%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=2640019365190326786&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=3&ev=AAB7k07CzlwAABYbmZ_6bQ&pid=558502&do...
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAB7k07CzlwAABYbmZ_6bQ
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAB7k07CzlwAABYbmZ_6bQ
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:18 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAB7k07CzlwAABYbmZ_6bQ
Date
Wed, 13 Oct 2021 19:06:18 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame 3291
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=50066167-2e23-4200-b5ed-83ea8910f6fa
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=50066167-2e23-4200-b5ed-83ea8910f6fa
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 13 Oct 2021 19:06:17 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x5 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=50066167-2e23-4200-b5ed-83ea8910f6fa
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 13 Oct 2021 19:06:16 GMT
sd
us-u.openx.net/w/1.0/ Frame 3291
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=r7gPmavsC520vQ-XoeoUm6-5Cc20vw-doLvHM4Ql
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=r7gPmavsC520vQ-XoeoUm6-5Cc20vw-doLvHM4Ql
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=r7gPmavsC520vQ-XoeoUm6-5Cc20vw-doLvHM4Ql
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 3291
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3262634136460960445
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3262634136460960445
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3262634136460960445
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 3291 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=da4c6672-c713-73d9-e2d6-74c16620d618&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3291 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjYyM2I1YjgtMGU2NC0yZDdkLWY3MzYtMmU3OGFjYzIxODc4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3291
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoK4fM6GiUw4QjpWoWS2bE&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoK4fM6GiUw4QjpWoWS2bE&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoK4fM6GiUw4QjpWoWS2bE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame AD32
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6a3677a95b3242dbfb22169858bfecac165e4bc1187de7fc96f0b6bb4a8ea0ba

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMPS=3165; CMID=YWcuKXcdJmeWZh6XTy2EpgAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|45|241|90|46|206|188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1698
Expires
Wed, 13 Oct 2021 19:06:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
Connection
keep-alive
Set-Cookie
CMID=YWcuKXcdJmeWZh6XTy2EpgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Oct 2022 19:06:17 GMT CMPS=3165;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 11 Jan 2022 19:06:17 GMT CMPRO=1116;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 11 Jan 2022 19:06:17 GMT CMRUM3=bc61672e2905a00&5a61672e2905a0&2d61672e2905a0&ce61672e2905a0&2e61672e2905a0&2761672e290b40&f161672e2905a0&e661672e292760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Oct 2022 19:06:17 GMT CMST=YWcuKWFnLikA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 14 Oct 2021 19:06:17 GMT

Redirect headers

Server
Apache
Content-Length
335
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 13 Oct 2021 19:06:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
Connection
keep-alive
Set-Cookie
CMID=YWcuKXcdJmeWZh6XTy2EpgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Oct 2022 19:06:17 GMT CMPS=3165;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 11 Jan 2022 19:06:17 GMT
async_usersync
ib.adnxs.com/ Frame 9044 		0
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
X-Proxy-Origin
216.131.114.109; 216.131.114.109; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7e3ae6e5-33df-4bf7-b2f4-8ae2a98f27c8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 6889
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d212bb83b7d65d35b982f49bc7a347a3bb383d702d6f6adc6c34d51e4858bec9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YWcuKXcdJmeWZh6XTy2EpQAA; CMPS=3165
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|45|230|218|152|65|221
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1655
Expires
Wed, 13 Oct 2021 19:06:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
Connection
keep-alive
Set-Cookie
CMID=YWcuKXcdJmeWZh6XTy2EpQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Oct 2022 19:06:17 GMT CMPS=3165;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 11 Jan 2022 19:06:17 GMT CMPRO=1182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 11 Jan 2022 19:06:17 GMT CMST=YWcuKWFnLikA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 14 Oct 2021 19:06:17 GMT CMRUM3=9861672e2905a00&2761672e290b40&4161672e2905a0&e661672e292760&f161672e2905a0&da61672e292760&2d61672e2905a0&dd61672e292760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Oct 2022 19:06:17 GMT

Redirect headers

Server
Apache
Content-Length
335
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 13 Oct 2021 19:06:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
Connection
keep-alive
Set-Cookie
CMID=YWcuKXcdJmeWZh6XTy2EpQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Oct 2022 19:06:17 GMT CMPS=3165;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 11 Jan 2022 19:06:17 GMT
async_usersync
ib.adnxs.com/ Frame 4E95 		0
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
X-Proxy-Origin
216.131.114.109; 216.131.114.109; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
28d35ea4-6e92-46a5-966b-19ddf1b5a83b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fltiu.js
pixel.yabidos.com/ Frame 96D2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=615310f2492aff0015b58949&s=anotepad.com
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1634151971273&secure=true&version=9&uuid=e8ee395f-23a7-468f-b509-e92ed9d74faf&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 02:19:46 GMT
server
cloudflare
age
6840
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
69dad822f959d6e9-FRA
content-length
1146
expires
Wed, 13 Oct 2021 21:06:17 GMT
query
ecs.mantisadnetwork.com/sync/pixel/ Frame 96D2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=1477a98c-c8a7-46df-ac54-fc4002216f30
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=1477a98c-c8a7-46df-ac54-fc4002216f30
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1634151971273&secure=true&version=9&uuid=e8ee395f-23a7-468f-b509-e92ed9d74faf&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.147.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-147-122.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=1477a98c-c8a7-46df-ac54-fc4002216f30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
fltiu.js
pixel.yabidos.com/ Frame 8D29 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=615310f2492aff0015b58949&s=anotepad.com
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1634151971243&secure=true&version=9&uuid=e8ee395f-23a7-468f-b509-e92ed9d74faf&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 02:19:46 GMT
server
cloudflare
age
6840
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
69dad822f95ad6e9-FRA
content-length
1146
expires
Wed, 13 Oct 2021 21:06:17 GMT
query
ecs.mantisadnetwork.com/sync/pixel/ Frame 8D29
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=1477a98c-c8a7-46df-ac54-fc4002216f30
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=1477a98c-c8a7-46df-ac54-fc4002216f30
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1634151971243&secure=true&version=9&uuid=e8ee395f-23a7-468f-b509-e92ed9d74faf&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.147.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-147-122.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=1477a98c-c8a7-46df-ac54-fc4002216f30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
flimpobj.js
pixel.yabidos.com/ Frame 96D2 		30 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1634151977454&ver1=2.2.3&qid=83233313f553333313f513430313&rnd=1zsptrajo2ij&cid=1041
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=615310f2492aff0015b58949&s=anotepad.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 02:19:46 GMT
server
cloudflare
age
6842
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
69dad82329acd6e9-FRA
content-length
23972
expires
Wed, 13 Oct 2021 21:06:17 GMT
flimpobj.js
pixel.yabidos.com/ Frame 8D29 		30 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1634151977465&ver1=2.2.3&qid=83233313f553333313f513430313&rnd=k1zg3d75bmlo&cid=1041
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=615310f2492aff0015b58949&s=anotepad.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 02:19:46 GMT
server
cloudflare
age
6842
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
69dad82339e0d6e9-FRA
content-length
23972
expires
Wed, 13 Oct 2021 21:06:17 GMT
casale
match.adsrvr.org/track/cmf/ Frame AD32 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame AD32
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YWcuKXcdJmeWZh6XTy2EpgAABFwAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOaUnrCkY_xq3LTTz6FSkVI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOaUnrCkY_xq3LTTz6FSkVI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 13 Oct 2021 19:06:17 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOaUnrCkY_xq3LTTz6FSkVI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame AD32
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YWcuKXcdJmeWZh6XTy2EpgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELVeFFKYq1scvqLaT2mhQGI&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELVeFFKYq1scvqLaT2mhQGI&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 13 Oct 2021 19:06:17 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELVeFFKYq1scvqLaT2mhQGI&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame AD32
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWcuKXcdJmeWZh6XTy2EpgAABFwAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWcuKXcdJmeWZh6XTy2EpgAABFwAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWcuKXcdJmeWZh6XTy2EpgAABFwAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Q9DAYWND3TEJC8TMDD80
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YXPPXZBP8C73ZBRXF8GZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWcuKXcdJmeWZh6XTy2EpgAABFwAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
no_match_opted_out
um.simpli.fi/ Frame AD32
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Oct 2021 19:06:17 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Wed, 13 Oct 2021 19:06:17 GMT
x-content-type-options
nosniff
server
openresty
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 12 Oct 2021 19:06:17 GMT
getuid
secure.adnxs.com/ Frame AD32 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/55940/ Frame AD32 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YWcuKXcdJmeWZh6XTy2EpgAABFwAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 19:06:17 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
CookieIndex
rtb.adentifi.com/ Frame AD32 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.198.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-198-41.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame AD32 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YWcuKXcdJmeWZh6XTy2EpgAA%261116
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 19:06:17 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2428
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 13 Oct 2021 19:46:45 GMT
vbl.gif
pre.glotgrx.com/ Frame 96D2 		26 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1634151977506&rnd=1zsptrajo2ij&ifm=1&uai=1&cid=1041&s=anotepad.com&p=615310f2492aff0015b58949&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1634151971273&secure=true&version=9&uuid=e8ee395f-23a7-468f-b509-e92ed9d74faf&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.64.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 02:19:36 GMT
server
cloudflare
age
6842
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
69dad823acc94aa9-FRA
content-length
26
expires
Wed, 13 Oct 2021 21:06:17 GMT
nflrc.gif
pre.glotgrx.com/ Frame 96D2 		26 B
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1634151977493366&ver=1.2r81&qid=83233313f553333313f513430313&p=615310f2492aff0015b58949&s=anotepad.com&x=&cid=1041&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=1zsptrajo2ij&impid=&tps=2&ver1=2.2.3&1=048e35510a392e9dc0585cdbc9b59a23&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1041&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=25&icp=https%253A//anotepad.com/&irfl=25&irf=https%253A//anotepad.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-28-p-fl-24-s-fl-12-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&fli=&flerr=0&trim=&fio=21
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1634151971273&secure=true&version=9&uuid=e8ee395f-23a7-468f-b509-e92ed9d74faf&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.64.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 02:19:36 GMT
server
cloudflare
age
6842
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
69dad823accf4aa9-FRA
content-length
26
expires
Wed, 13 Oct 2021 21:06:17 GMT
tap.php
pixel.rubiconproject.com/ Frame 0686
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/KLaXixrFxeVXszbQoXRTwsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7355253253163526979
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7355253253163526979
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

date
Wed, 13 Oct 2021 19:06:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7355253253163526979
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0686
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=50066167-2e23-4200-b5ed-83ea8910f6fa&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=50066167-2e23-4200-b5ed-83ea8910f6fa&expires=28
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

Date
Wed, 13 Oct 2021 19:06:17 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x1 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=50066167-2e23-4200-b5ed-83ea8910f6fa&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 13 Oct 2021 19:06:16 GMT
tap.php
pixel.rubiconproject.com/ Frame 0686
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWcuIwAI3Dkr6gAT
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWcuIwAI3Dkr6gAT
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1634151978.552384,VS0,VE0
x-served-by
cache-hhn4055-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWcuIwAI3Dkr6gAT
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 0686
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VQVlcyTTQtMjMtR1dLSg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VQVlcyTTQtMjMtR1dLSg==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VQVlcyTTQtMjMtR1dLSg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 0686 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
709414.gif
id.rlcdn.com/ Frame 0686 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 0686
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESED5k8K1GoYt7LSAx6kMIqyE&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESED5k8K1GoYt7LSAx6kMIqyE&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESED5k8K1GoYt7LSAx6kMIqyE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0686
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODAzYTlmNjNjZjFkOGYzY2FkNjExOTQ4OGUwMjQzODQ1YWUyZjY2NA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODAzYTlmNjNjZjFkOGYzY2FkNjExOTQ4OGUwMjQzODQ1YWUyZjY2NA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODAzYTlmNjNjZjFkOGYzY2FkNjExOTQ4OGUwMjQzODQ1YWUyZjY2NA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
vbl.gif
pre.glotgrx.com/ Frame 8D29 		26 B
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1634151977566&rnd=k1zg3d75bmlo&ifm=1&uai=1&cid=1041&s=anotepad.com&p=615310f2492aff0015b58949&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1634151971243&secure=true&version=9&uuid=e8ee395f-23a7-468f-b509-e92ed9d74faf&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.64.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 02:19:36 GMT
server
cloudflare
age
6842
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
69dad823dd5e4aa9-FRA
content-length
26
expires
Wed, 13 Oct 2021 21:06:17 GMT
nflrc.gif
pre.glotgrx.com/ Frame 8D29 		26 B
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1634151977557544&ver=1.2r81&qid=83233313f553333313f513430313&p=615310f2492aff0015b58949&s=anotepad.com&x=&cid=1041&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=k1zg3d75bmlo&impid=&tps=2&ver1=2.2.3&1=048e35510a392e9dc0585cdbc9b59a23&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1041&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=25&icp=https%253A//anotepad.com/&irfl=25&irf=https%253A//anotepad.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-28-p-fl-24-s-fl-12-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&fli=&flerr=0&trim=&fio=18
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1634151971243&secure=true&version=9&uuid=e8ee395f-23a7-468f-b509-e92ed9d74faf&title=Online%20Notepad%20-%20Cheating%20In%20Casino%20Gambling&url=https%3A%2F%2Fanotepad.com%2Fnotes%2F8mgfm8k4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.64.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 02:19:36 GMT
server
cloudflare
age
6842
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
69dad823dd604aa9-FRA
content-length
26
expires
Wed, 13 Oct 2021 21:06:17 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6889 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 6889
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWcuKXcdJmeWZh6XTy2EpQAABJ4AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWcuKXcdJmeWZh6XTy2EpQAABJ4AAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWcuKXcdJmeWZh6XTy2EpQAABJ4AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HM4T6M2B2HYWER0CX9VA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JBNA8AWCXYC39HAYDASF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWcuKXcdJmeWZh6XTy2EpQAABJ4AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6889
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YWcuKXcdJmeWZh6XTy2EpgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELVeFFKYq1scvqLaT2mhQGI&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELVeFFKYq1scvqLaT2mhQGI&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 13 Oct 2021 19:06:17 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELVeFFKYq1scvqLaT2mhQGI&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6889
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YWcuKXcdJmeWZh6XTy2EpQAABJ4AAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOaUnrCkY_xq3LTTz6FSkVI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOaUnrCkY_xq3LTTz6FSkVI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 13 Oct 2021 19:06:17 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOaUnrCkY_xq3LTTz6FSkVI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=23728&dpuuid=YWcuKXcdJmeWZh6XTy2EpQAA%261182
dpm.demdex.net/ Frame 6889 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YWcuKXcdJmeWZh6XTy2EpQAA%261182?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-85-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 6889
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=17212407-78fc-4f88-ac15-1af53dbd5bea
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=17212407-78fc-4f88-ac15-1af53dbd5bea
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 13 Oct 2021 19:06:18 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=17212407-78fc-4f88-ac15-1af53dbd5bea
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
rum
dsum.casalemedia.com/ Frame 6889
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634238377&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634238377&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 13 Oct 2021 19:06:17 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634238377&gdpr=1
pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
tpid=YWcuKXcdJmeWZh6XTy2EpQAA%261182
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 6889
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YWcuKXcdJmeWZh6XTy2EpQAA%261182?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YWcuKXcdJmeWZh6XTy2EpQAA%261182?gdpr_consent=&us_privacy=&gdpr=1
49 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YWcuKXcdJmeWZh6XTy2EpQAA%261182?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.2.61
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:06:17 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YWcuKXcdJmeWZh6XTy2EpQAA%261182?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.2.44
content-length
0
expires
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 6889 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YWcuKXcdJmeWZh6XTy2EpQAA%261182
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://anotepad.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 19:06:17 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2428
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 13 Oct 2021 19:46:45 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 5198 		47 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16101456&p=156696&s=269885&a=0&ptask=DSP&np=0&fp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame CF38 		47 B
100 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=9155030&p=156696&s=269885&a=0&ptask=DSP&np=0&fp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame 9044 		0
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:18 GMT
X-Proxy-Origin
216.131.114.109; 216.131.114.109; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e494e1ce-9e3b-4da4-ad1c-233e8636429a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4E95 		0
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 19:06:18 GMT
X-Proxy-Origin
216.131.114.109; 216.131.114.109; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fa3a2fd6-b856-4c9d-897c-d6afa675a38d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame C1C8 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:06:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| onbeforexrselect boolean| originAgentCluster function| gtag object| dataLayer object| freestar object| Notepad function| $ function| jQuery object| jQuery1124047773668996586993 function| fnEmailNote function| fnEmailNoteSend function| fnPremiumUpgrade function| fnImportFile function| fnAttachFile function| fnUpgradeNow function| fnMobileMenu function| fnEnableRichTextEditor function| fnDisableRichTextEditor function| fnSortByTitle function| fnSortByUpdated function| fnManageFolders function| fnLoadManageFolderContent function| fnShowNoteVersions function| fnLoadNoteVersions function| fnCreateFolder function| fnDeleteFolder function| fnRenameFolder function| fnRenameFolderSave function| fnRenameFolderCancel function| fnOpenFolder function| fnLoadFolderList function| fnMoveNoteToFolder function| fnEnableNoteDragDrop function| fnSaveNote function| fnSaveNoteNew function| fnSaveNoteEdit function| fnSaveNoteQuickEdit function| fnAutoSaveInit function| fnAutoSaveNote function| fnAutoSaveNoteNew function| fnAutoSaveNoteEdit function| fnAutoSaveNoteQuickEdit function| fnManageNoteAccess function| fnUpdateNoteAccessText function| fnCommentLoad function| fnCommentAdd function| fnCommentDelete function| fnCommentReply function| fnShowAlert function| fnLoadNoteFileList function| fnDeleteNoteFile object| addthis_config object| google_tag_manager function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| __@@##MUH object| gaplugins object| gaGlobal object| gaData object| addthis_share object| fsdata object| _comscore object| fsprebid object| oattr function| load_script object| googletag function| udm_ object| ns_p object| COMSCORE function| Tapad function| fsprebidChunk object| _pbjsGlobals object| mnet object| ggeac object| google_js_reporting_queue object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| _qevents object| Criteo object| hiNOcy2 function| hiNOcy3 object| xop object| audSegDataResp string| kruxScriptId string| kruxIdScriptId string| kruxDataId string| kruxWhitelistSegments object| kruxScript function| checkMatchingSegments function| generateUUID function| getUserId function| getPageId function| getPageLog function| calculateDocumentType function| calculateReferer function| clientWindowHeight function| clientWindowWidth function| getBrowserSize function| firePageLog function| fireDataCall function| Krux function| ic_krux_getuserid string| IC_FS_PAGE_ID string| IC_FS_PAGE_REFERER function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| l1ClGa2 function| l1ClGa3 function| xblocker object| Hr90sM function| Hr90sr object| xblacklist string| mantis_uuid object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id boolean| DFPSFMessageEnabled object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests object| criteo_pubtag object| criteo_pubtag_prebid_114 object| Criteo_prebid_114

117 Cookies

Domain/Path Name / Value
anotepad.com/ Name: fsbotchecked
Value: true
.anotepad.com/ Name: _ga
Value: GA1.2.1441146338.1634151970
.anotepad.com/ Name: _gid
Value: GA1.2.624907572.1634151970
.anotepad.com/ Name: _gat_gtag_UA_8870545_1
Value: 1
anotepad.com/ Name: __atuvc
Value: 1%7C41
anotepad.com/ Name: __atuvs
Value: 61672e22c4ec4af2000
.addthis.com/ Name: uvc
Value: 1%7C41
anotepad.com/ Name: _fssid
Value: b8eed973-45f2-49d4-9aa8-feeaec1cc455
.scorecardresearch.com/ Name: UID
Value: 16AQQOPRZTGZRBAKRUSFLXg1634151971
.addthis.com/ Name: loc
Value: MDAwMDBFVURFQlkyMjgxMTkxNjAwNTAwMDBDSA==
.openx.net/ Name: i
Value: 09e0592b-6e94-4c2e-b800-bc290207e5e5|1634151970
.rubiconproject.com/ Name: khaos
Value: KUPVW2M4-23-GWKJ
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVwnwYaQOmrhRqqbYb+IjI/LQRqus1OnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG6qEKdWU6r+VKDRWVv/VO/a+hEPPQ==
.investingchannel.com/ Name: ic_uid
Value: 507fa8a3-564c-4cec-9458-11e99af1c667
.mantisadnetwork.com/ Name: uuid
Value: 53277fe8-1438-490f-a338-a57130ce7760
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB1xHO3ZIGcdwwl6iaFq5H9E65HkMoHfumD2QI370TZ44D4QikRz8kbZ4HEYI5ehIrWMOGVKCaaiLdzpQ7vzkXQ/
.quantserve.com/ Name: mc
Value: 61672e23-4698c-5600c-66392
.anotepad.com/ Name: __qca
Value: P0-650376597-1634151971266
.krxd.net/ Name: _kuid_
Value: Oa0ATHjO
.adnxs.com/ Name: uuid2
Value: 580923692186269670
.rlcdn.com/ Name: rlas3
Value: h168Q/p0me3ERObfIvYFTnYET8DlaLmCUPZjo0k2tMg=
.rlcdn.com/ Name: pxrc
Value: CAA=
.eyeota.net/ Name: mako_uid
Value: 17c7b0c3aa1-382a0000010f5f9e
.eyeota.net/ Name: SERVERID
Value: 24478~DM
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4051A24A-49C2-4797-987F-724EE6681D5C
.doubleclick.net/ Name: IDE
Value: AHWqTUnf2-E8aeNELiLthrv3wy6W9-VyedilFSLD2Op1ffoNed7Q85iTIWmijdr_ze0
.adsrvr.org/ Name: TDID
Value: 1477a98c-c8a7-46df-ac54-fc4002216f30
.turn.com/ Name: uid
Value: 2417546668163973526
.mathtag.com/ Name: uuid
Value: 50066167-2e23-4200-b5ed-83ea8910f6fa
.pub.network/ Name: _fsuid
Value: 63daaf4b-7e28-41f4-9c5c-a2a35a895615
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YWcuIwAI3Dkr6gAT
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: qyuhwupayh34pj02nrbo1d5o
.anotepad.com/ Name: __gads
Value: ID=d753c1fe46b4c528-22580439f5ca005d:T=1634151971:S=ALNI_MZ8urGtYXQYlKT1UrSmYK6Ed0vVMw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.criteo.com/ Name: uid
Value: 669f4cdb-25ac-42e4-beb4-c3a78f8f3c23
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: eel0th24tfl4gavubl4wsf0p
.ib.mookie1.com/ Name: ibkukiuno
Value: s=668081eb-9342-4b58-b5ed-12f25904d848&h=&v=1127040892&l=-8585674549126077832&op=&hl=0&vlu=3&tcs=1&dcc=-8585674549126077832
.ib.mookie1.com/ Name: ibkukinet
Value: 3632493165=-8585674549126077832
.anotepad.com/ Name: cto_bundle
Value: gB4PCF8wNVRvcHRhb2NmczBKSjd2UVF2V25WRnU0eGdESjRnJTJCQVFSNXVGMCUyQkJDS1lOU3doVVhzT3hPWVQyQ045bEZUQnZQZXNtJTJGbFpTY1ByR0VUNWZ2bDhmQU9pSXM1SUhTU1I3VnlKeUFRVjMlMkZtMFk4WG5uRWxqaHROMFclMkJ2eUlkUEdsQUhjNzJmdFJXTWxCdWZxS3pUUG9BJTNEJTNE
.simpli.fi/ Name: suid
Value: 188C7BC606E34701BFD67991850CF15D
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 3262634136460960445
.de17a.com/ Name: guid2
Value: 1.405855181577769890
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&16514-CAESEIK-vNmaHiHB7QQ4HcrbcSk&KRTB&23025-CAESEIK-vNmaHiHB7QQ4HcrbcSk
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM&KRTB&22979-ZK1Iy2D5TM9_qEjFav9TyWSsTp9_qkjPa65q7KpM
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-580923692186269670
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&16736-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23019-uid:50066167-2e23-4200-b5ed-83ea8910f6fa&KRTB&23114-uid:50066167-2e23-4200-b5ed-83ea8910f6fa
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&22918-1477a98c-c8a7-46df-ac54-fc4002216f30&KRTB&23031-1477a98c-c8a7-46df-ac54-fc4002216f30
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3262634136460960445&KRTB&23263-3262634136460960445
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-405855181577769890
.pubmatic.com/ Name: SPugT
Value: 1634151976
.openx.net/ Name: pd
Value: v2|1634151977|mOgeginskin0vNomiygu
.pubmatic.com/ Name: DPSync3
Value: 1634169600%3A174%7C1635292800%3A197_219_201
.pubmatic.com/ Name: SyncRTB3
Value: 1636675200%3A203%7C1634947200%3A63%7C1635379200%3A35%7C1639267200%3A69%7C1635292800%3A21_56_57_8_13_55_234_81_222_220_231_104_161_88_7_166_204_165_189_71_22_230_176_54_3_99_5_233%7C1634688000%3A223_15_2
.quantserve.com/ Name: d
Value: EMEBEQG8JPijCJiTAA
.erne.co/ Name: u
Value: pUBnjyMuCN86HOs5w0aFXpDa
.taboola.com/ Name: t_gid
Value: 392d9e7a-0486-4aa0-b5b7-08fd4c96584c-tuct860b3a9
.onaudience.com/ Name: cookie
Value: 6c71c33cb285c837
.onaudience.com/ Name: done_redirects109
Value: 1
eus.rubiconproject.com/ Name: pux
Value: 1512%3D103291%262249%3D103291%262307%3D103291%262974%3D103291%263778%3D103291%26goog%3D103291%26idl%3D103291%262249-DV360-Hosted%3D103291%26
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YWcuIwAI3Dkr6gAT&KRTB&23194-YWcuIwAI3Dkr6gAT&KRTB&23209-YWcuIwAI3Dkr6gAT&KRTB&23244-YWcuIwAI3Dkr6gAT
.pubmatic.com/ Name: PugT
Value: 1634151977
ads.playground.xyz/ Name: connect.sid
Value: s%3AA6CaEpmwJjoXcneKNVDXAUmrmd5akU6J.tXAcwApo3uLG2qVLA6LXgVsQT4yDpB%2BSwIr80RtriZA
.w55c.net/ Name: wfivefivec
Value: heZBLr3p1MAJzX5
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-pUBnjyMuCN86HOs5w0aFXpDa
.adsby.bidtheatre.com/ Name: __kuid
Value: c55f9c48-2d33-4738-a9ba-9209d72d983f.403365977
.w55c.net/ Name: matchpubmatic
Value: 5
.casalemedia.com/ Name: CMPS
Value: 3165
.bidswitch.net/ Name: c
Value: 1634151977
.bidswitch.net/ Name: tuuid_lu
Value: 1634151977
.bidswitch.net/ Name: tuuid
Value: b817ecbe-4596-42f2-812d-121e492a4d7d
.w55c.net/ Name: matchopenx
Value: 5
.sitescout.com/ Name: ssi
Value: 19ddf919-9d85-4694-a31e-99813f5eb0f0#1634151977426
.adsrvr.org/ Name: TDCPM
Value: CAESEwoEa3J1eBILCPbi5tvRoYc6EAUSFwoIcHVibWF0aWMSCwiGufX50aGHOhAFGAEgASgCMgsIlPTdwOihhzoQBTgBWgthZGNvbmR1Y3RvcmAC
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2417546668163973526
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:heZBLr3p1MAJzX5
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d4cfffca-1acd-41f0-9345-444160c45c87-003%22%7D
.casalemedia.com/ Name: CMST
Value: YWcuKWFnLikA
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTYzNDE1MTk3NzQ1N30
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-19ddf919-9d85-4694-a31e-99813f5eb0f0-61672e29-5553
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AAB7k07CzlwAABYbmZ_6bQ
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d4cfffca-1acd-41f0-9345-444160c45c87-003%22%7D
.yahoo.com/ Name: A3
Value: d=AQABBCkuZ2ECEOcezzpGJlObTlWKbFPndYoFEgEBAQF_aGFxYQAAAAAA_eMAAA&S=AQAAAtoQTGD4uIa-k54l2ibSV3M
.casalemedia.com/ Name: CMID
Value: YWcuKXcdJmeWZh6XTy2EpgAA
.casalemedia.com/ Name: CMPRO
Value: 1116
.volvelle.tech/ Name: ouuid
Value: 9fd31095-4a89-42cb-88e2-2fb3d7416935
.volvelle.tech/ Name: c
Value: 1634151977
.volvelle.tech/ Name: ouuid_lu
Value: 1634151977
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-d4cfffca-1acd-41f0-9345-444160c45c87-003
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-b817ecbe-4596-42f2-812d-121e492a4d7d
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~20xv
.mathtag.com/ Name: mt_mop
Value: 9:1634151977
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAB7k07CzlwAABYbmZ_6bQ
.smadex.com/ Name: smxtrack
Value: ec0c6671-8053-41e7-b8b5-29277fcc1c56
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D4c0cbccf-e5a7-4f9f-bb4d-eac45623f074
.bnmla.com/ Name: rx_uuid
Value: 4c0cbccf-e5a7-4f9f-bb4d-eac45623f074
.bnmla.com/ Name: rx_maxage_10738
Value: 1635447977
.bnmla.com/ Name: rx_sspid_10738
Value: 6
.casalemedia.com/ Name: CMRUM3
Value: e661672e292760&f161672e2905a0&2761672e290b40&2e61672e2905a0&2d61672e292760CAESELVeFFKYq1scvqLaT2mhQGI&ce61672e2905a0&5a61672e2905a0&bc61672e2905a00
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAB7k07CzlwAABYbmZ_6bQ
.ads.pubmatic.com/ Name: repi
Value: 1
.smartadserver.com/ Name: pid
Value: 2640019365190326786
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1634173577707
.tribalfusion.com/ Name: ANON_ID
Value: aunseFwl6h6bQQwbQQqHWZaj6nC594ZalorwSpQqxFPDvaQP0qnoOhRQRYifro1SZbF5WDMbF0kCI5lYNZc6gyaL
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: dfc23c5de1a4c7716e078984e574e00e
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSElLNjJONk1JNUw0STY3NzRLNTC3sLQwSTU1N0k1MEhlAILEdD1NEA0FAFWTCgk%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBITNfTBFJQAAAOhgEg"
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-771c1efd-78ae-466c-5099-4a3528fcda14.Va9PT0hHRdjCPlsT%2BljUyHt%2BkI2g8joE4%2Ff7KGNJ%2Bnw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-771c1efd-78ae-466c-5099-4a3528fcda14%24ip%24216.131.114.109.57VThWXrxK127PfykuavkUK9WGW1bgy4IEenlZw5wo4
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-dxwe_XiuRmxQmUo1KPzaFNiDcm0
.ipredictive.com/ Name: cu
Value: a4f6459b-2c58-11ec-932f-e7cb121077e6|1634151977799
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-a4f6459b-2c58-11ec-932f-e7cb121077e6&KRTB&23011-a4f6459b-2c58-11ec-932f-e7cb121077e6

4 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/398696.gif?partner_uid=-6492044713090923506
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
a.tribalfusion.com
a.volvelle.tech
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
ajax.googleapis.com
aktrack.pubmatic.com
anotepad.com
api.btloader.com
bcp.crwdcntrl.net
beacon.krxd.net
beap-bc.yahoo.com
bh.contextweb.com
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.pub.network
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.anotepad.com
cdn.js7k.com
cdn.krxd.net
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
consumer.krxd.net
csync.loopme.me
d.pub.network
d.turn.com
d3e50e22159e7489e1ef51e378724a4f.safeframe.googlesyndication.com
d5p.de17a.com
dggaenaawxe8z.cloudfront.net
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ecs.mantisadnetwork.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fei.pro-market.net
freestar-d.openx.net
freestar-io.videoplayerhub.com
global.ib-ibi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ib.mookie1.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
m.addthis.com
mantodea.mantisadnetwork.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
pagead2.googlesyndication.com
pghub.io
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.yabidos.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pr.ybp.yahoo.com
pre.glotgrx.com
ps.eyeota.net
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s.yimg.com
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tagan.adlightning.com
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
uat5-b.investingchannel.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
z.moatads.com
s7.addthis.com
104.109.78.125
104.16.200.58
104.16.64.54
104.18.10.207
104.18.13.5
104.21.192.118
104.26.3.70
104.92.72.137
107.178.240.89
13.226.155.102
13.226.155.24
13.226.155.52
130.211.23.194
142.250.184.194
142.250.184.200
142.250.184.225
142.250.185.129
142.250.185.166
142.250.185.170
142.250.185.226
142.250.185.98
142.250.186.162
142.250.186.46
142.250.74.194
143.204.209.115
146.59.148.16
151.101.129.44
151.101.130.133
151.101.130.49
151.101.2.133
151.101.65.108
159.253.128.188
162.55.6.213
169.197.150.7
172.217.23.102
172.217.23.98
172.67.68.60
172.67.70.134
172.67.74.129
178.250.0.165
178.250.2.130
178.250.2.146
178.250.2.151
178.62.202.251
18.156.0.31
18.192.135.64
18.195.183.48
18.197.116.184
18.66.242.153
18.66.248.11
184.30.20.198
184.30.24.121
184.31.84.150
185.29.132.245
185.33.221.15
185.33.221.88
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.86.139.89
188.165.137.78
198.148.27.139
2.21.141.232
207.244.104.157
212.82.100.176
213.155.156.183
213.19.147.44
216.46.185.183
216.58.212.130
216.58.212.132
23.218.208.200
23.218.209.154
3.123.163.175
3.123.82.137
3.125.70.222
34.149.20.76
34.199.172.6
34.201.255.167
34.98.107.212
35.157.246.167
35.201.71.192
35.210.178.101
35.241.45.217
35.244.159.8
35.244.174.68
37.157.4.28
38.27.122.126
46.228.164.11
46.228.164.13
52.16.151.94
52.18.85.49
52.44.110.4
52.46.154.242
52.48.137.92
52.48.175.241
52.57.27.215
54.205.198.41
54.236.220.178
54.77.232.22
54.80.147.122
64.58.232.180
66.155.71.150
67.202.105.22
69.173.144.139
69.173.144.141
69.173.144.165
72.251.241.204
74.125.133.154
76.223.111.131
85.114.159.118
87.248.118.23
89.207.16.201
91.228.74.133
99.81.41.171
00a1081b52175533a7f3b857f50cd13add6909e438464b56998e51d827ada440
03357e64ce1abe69e09ec26ec18fcc7d46b47c886733e4d2efe0a1f50a8f6e17
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06a4e715241e257811d0814deb54b98c3588c5074d06acb10a4a5376273ea1fb
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18da3d22405e33fb58a4f7baa2dbca9748dc4beccb2152267138a72cdfc6ad1a
19a01f2044b1b1eb7b56f4d7e70498e95844a27eee6ef8ef5b48f4b0c0986659
19dde9d1e3e5bc2362fe50ac24c84279f68223d2e4a4cb5eb13fcd5dd560e497
1a682828281f9fb726ae86df4806749876d584f6c38928f088a04828c4d80a1a
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
2559f5eef5639041de7068e61f60bfd08fdf8128ac6bf64876377416d8953395
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e
29d1e5453401263d835235fd249bf5891fbc3ffcecd82cc3fed01f7b79770d5a
2c9adacf90f2c434aef36301ba50b24bfe9b10651508fd1ff8880247106872c1
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30ce1b3726b3649359e42cbdec0beece95f3a7b5e72d4820929a6f715d7219e0
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a61a2b1f65e5d0cdd76735704c8ff6fb4da51719a25e31e679b2d345c024e9
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
394bf8b91c1c3866ccb590356e6264a17872a240a53d953eec570bd31a446c14
39635ca85c2a296acd8b9a656a0865e68d96a1c3f8853882e90f0f02d69dc437
39c6ec590be39bedd2592cbd4130f22e0d758b15ccb5c4be6f3569ce29df3247
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
3b029861bd353624a716ef3e8b82046fc0f20d73c4f82ae5d557c39aae1b3770
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3d4fe926f70e2866ad9873c60e853ec366cd923a0c93f2965698eea72bbf16ab
3d510e16e6e569e573980fd67a55221795d539fd56688ecaca8d284255e86ee6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41cb25ed917ce280cfeb5f5a41fc8be429fcf924173d92c3fef0edf95f872163
41d43d8ed3eef60e6893cb833691b0dce72210ae423a0a8612da786af079bce2
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259
47617c6d8393ab518f5158efd1e5316623d9fcb06036d5c15e3f4fdb57fde883
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b9ec88112cdc4fa1a5fdf1c25ef72fcec2bac8433e46d3563b0fd2a2c4e8a19
4cf833ad810353e51902d525ca24914b6056a1c38b29b03f8315c6757d485362
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4d9dc9a42d525f6363c5f0137f3065ccb9497639d53f8e28b3aff09a77d5f23d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e158993abf3136f7d9c35ea1ace32e2a2add10adcc544937eab9c72f2711b8f
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fd83dba0f21a9793a134726c15e494e5639741f7712404a51aa0da90a37511e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5195609afbc1fca03f3200b50d97a90a8eb0e4652108db990a1aa9a1c9f7a0af
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
610defd9499aceaa18d70483d9a22242df0cfa4c7cbcceda9a652e3dfef84285
655631c663058b15595742823ab8a838b415dda58b5e2727f6cc8907104703d0
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a3677a95b3242dbfb22169858bfecac165e4bc1187de7fc96f0b6bb4a8ea0ba
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122
6fa0da507132406b36e8885cf69e12918116bdb2163a96470e83937feff391eb
721e1d56c8936ca5c30b770768b5013e0c7859bc5e9f8954ebb242e9d0079e5c
7284fb1f16b44072acda2a8e8651f8d65d7d27893040c8cb67b81dad776bb134
746aa36d35981bc97017199cff5b942efb2c047daa83357c279129422fb16651
74e0705ba9740aea8c7f1f7a8e582ae656c55e1c8d047b212683fadb5e623fa7
75b1fec1f7df37c8e8e3deba868a4935bb1abd71b4bd6cccf677fdc46e469fd4
787116c5ad8ef6cf6dad39e648c1fa029d3c9edc936b5e3727e492fefc9758e8
789c1982568cfccb43ffaf842f8d36132c06d43ca0dcd5b1473b3544bf13f9f6
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7c7f3d82f4d447392787ff888d1b2224ce271bb691cd2909938b85d41f6ac018
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f9164a13476744c911fea7dbab9a2924750f69f82ec1d51d2a09e64638952c0
7f941b8c4190696ffe563cd65d648faee92c126c608c71e2b0bfa1a3b2129a1e
812120e5ae14c01f8e582a6f65d8edd5be512183469167e1b4aa44babf4f16fd
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8408a222365247c42810574093e699b11e32d773fb94360a0263d5053b05bd2b
84ad400cfc4d16b827aa72aeb3942b71920a59abab300ab54c411b1a138b2fb3
867f961f194b5d150ed97de92a5920b39cb7426b9b9882beef7aa71003df01f0
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b
883d9e62a7a890a77f352d4d1fefb469880a05b586b6efd5597149076c7758a7
88f495783b4c9529f3af4c7c04c728d9535bc3af700f5511c45bb25fe9d7bcd5
8a152fa7d63042de67cd9f5f88a298cb1745da2f35510fadade49f651de13dc9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
904ebf3e0cbb436fc8510c6fb68fb815d85d0fff90a5696c3a206ff75a148de1
914afebab6b302b07f6fff89abb959a296281d0ecf9d9553a3f1574e5eda9431
919727cb167ed24ef364bcd297ffba4502a429638d8b786738724850d494363f
922851ab1a5fce51fbdb9306f1329bf8e80919b6c443b38792b183da23d15314
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
94dbc2b8c346e21c33acc3282ad347f68547a5c36db412853677a264389e63e9
97d55994dafdc98fa17c99c5c39197d31cec5b963819d585ba4b8c580119947a
9bbaa256848e7a1e705b8daaa9f6804156473b2a61dda9d3cecc99d8a7518952
9e1fdb1ea85275831affe13cf72a4ee6166b19ab02e60794ded6e7232dac63fa
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a35ef16718abb35df0887bcc5c7b49eed91e0604d5594bad347846bc59993496
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a9d7f40c5bb6d9c8149a3bf36170b958bbf2ba6056ba0bfe691cdba62de6cbc6
ac4143ef552c921548a5c4f532cca79fb4199e70297799e5479c4608ac04d500
ac828be9eacb996ccdf11871690f6b8b83aadcb4deac680f260678056051707e
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b0d3c714f4853109713859aa132cd874d39ee06b9cf4167c7b4be0efe8a3dfc0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b881933fe54cb1f5fff57af861b24625152804dc14462501e7f1fde3b11fe4a1
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
bcb11bb88ad0d7ad4e7260a29db09787a3f487623bdab2e631d519b91cd10201
bebe46bc6e34d473754ae363d7be2509ff80e349c3e7f80cf407698ba3fb9906
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4cbcc68d7a949e09034b1bdf19f4da6d9727b7f0d91bfaa146579d84d027f25
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c7b3818acee15b65e636d1c8f2581f30af6d3e9958e110162eea6606426f2dd2
ca4a64f25051d73e715e78148b0d5e8f9b9bcc30d1f7555ac7739fb69fc919c6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfac7eb5d2110e8d38b369957d0367a02b179529dcd322feff8ab35a2fe03f27
d212bb83b7d65d35b982f49bc7a347a3bb383d702d6f6adc6c34d51e4858bec9
d35e9ff7b6333910cedef6d54c93a010d3ea782a54424b902dc4e8cb964bc53c
d4c11ce581a9aaa7c2cf021e68b2bff0dd1d3ad74e65dc8c308f96ce1fadd2c4
d60560d22e6264effb7f9b776f7e377ec41642d25d7e123f7b0ee603d83e6385
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d931d1e6c2e9c92c4e45f49d2b671c33115031d9eca9dc31a85a5fdf3e1d9652
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da3c5a2e809324e17c200da5501c0504fa5abe3acbd74dc7b53f4d61a06b66c6
da5c506770b6555bdca727b028f8934b1aadafd2c548fa257e216b4a0f92905d
db6b891d30969b23b48a2c0b7c78ba3c102473280fe008f34ba0a2e40b5ed15f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df81f27eecd20dc520adc28394b76f0af92e595f2b0bf085abaeff111b48e84b
e1023fc5b7b2cb762dd4ad14fcf4787fa945fca4a37518cd0d6b411c248dc201
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f9e20e5d9602f0d42125d8a5b146fa69140fa15a919b1d369e3f6bb8753629
e9072a5beab750c324a03039ba66828e3dc768c990cf80b894d209d74fc9d920
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ab60d9650741b87ac789f80a7ec5fd117800787b68085f1ec60dca4f2950ac
f2851c9f31a30e8744129c5fed3319b0b2c1769e35b8e9272bc72f46e2627e24
f45f42097ab97da2bd3034f5f7331e2283a38f7147638825cd71912fe8dcbbb6
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f4b12f61ea94f67e2cc131eb12848f620dfadcdc1dbedc69dfee55b71af252f3
f6ceb8dacf80b688eac4bab642129b08e42f2a06868a5e245032a37fa19993e1
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fe5b7f6522e28878e714d5189017d9295207fa3389eaf9d7452e27fd88282cb7
fe914b2850623c749a0252c42fa922e6add7ddcffa938a4e99e24528cbcee3d3
ff1397ab953ecaf1d9db1e721b1abc05c882e56d9034cd254b3fdac62c1a61ad