Submitted URL: http://mail.notateslaapp.com/
Effective URL: https://mail.notateslaapp.com/
Submission: On December 06 via api from US — Scanned from US

Summary

This website contacted 94 IPs in 8 countries across 90 domains to perform 661 HTTP transactions. The main IP is 74.81.93.82, located in United States and belongs to NTHL, US. The main domain is mail.notateslaapp.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 5th 2022. Valid for: 3 months.
This is the only time mail.notateslaapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 74.81.93.82 11042 (NTHL)
3 2607:f8b0:400... 15169 (GOOGLE)
29 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
7 2606:4700::68... 13335 (CLOUDFLAR...)
7 13.32.208.62 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
9 16 142.251.32.98 15169 (GOOGLE)
1 3 13.249.37.223 16509 (AMAZON-02)
1 2600:9000:20a... 16509 (AMAZON-02)
26 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 13.32.208.89 16509 (AMAZON-02)
1 2600:9000:20a... 16509 (AMAZON-02)
1 3 13.32.151.45 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
15 3.92.156.8 14618 (AMAZON-AES)
13 99.84.184.78 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
19 3.89.34.248 14618 (AMAZON-AES)
13 23.221.200.33 16625 (AKAMAI-AS)
2 18 172.64.154.237 13335 (CLOUDFLAR...)
12 54.82.108.184 14618 (AMAZON-AES)
12 2620:100:a001... 19750 (AS-CRITEO)
13 3.230.146.96 14618 (AMAZON-AES)
4 24 34.98.64.218 396982 (GOOGLE-CL...)
30 52.4.33.45 14618 (AMAZON-AES)
12 104.36.115.111 62713 (AS-PUBMATIC)
12 2602:803:c002... 26667 (RUBICONPR...)
8 27 68.67.179.153 29990 (ASN-APPNEX)
49 52.20.56.171 14618 (AMAZON-AES)
13 199.250.166.129 26459 (TTD-ASN-01)
12 8.2.111.123 46636 (NATCOWEB)
2 3.231.190.210 14618 (AMAZON-AES)
2 18 52.46.130.91 16509 (AMAZON-02)
2 162.19.138.117 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
1 20.40.202.2 8075 (MICROSOFT...)
8 9 35.211.178.172 15169 (GOOGLE)
10 14 162.19.138.118 16276 (OVH)
3 13.249.39.80 16509 (AMAZON-02)
10 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 54.163.73.10 14618 (AMAZON-AES)
4 10 3.92.113.255 14618 (AMAZON-AES)
5 23.221.203.12 16625 (AKAMAI-AS)
3 34.205.97.218 14618 (AMAZON-AES)
8 23.3.115.102 16625 (AKAMAI-AS)
4 5 52.45.33.138 14618 (AMAZON-AES)
5 30 52.223.22.214 16509 (AMAZON-02)
1 29 2607:f8b0:400... 15169 (GOOGLE)
1 13.249.39.67 16509 (AMAZON-02)
1 3.224.200.106 14618 (AMAZON-AES)
1 35.241.45.217 15169 (GOOGLE)
1 1 3.33.220.150 16509 (AMAZON-02)
15 16 35.71.131.137 16509 (AMAZON-02)
15 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
5 5 151.101.194.49 54113 (FASTLY)
4 6 2600:1f18:4e9... 14618 (AMAZON-AES)
1 12 192.40.39.223 27381 (CASALE-MEDIA)
1 1 3.13.195.187 16509 (AMAZON-02)
1 1 54.146.141.63 14618 (AMAZON-AES)
10 10 70.42.32.31 13789 (INTERNAP-...)
6 7 72.247.65.183 16625 (AKAMAI-AS)
4 4 54.85.151.23 14618 (AMAZON-AES)
1 4 3.231.99.187 14618 (AMAZON-AES)
2 2 185.167.164.39 198622 (ADFORM)
6 6 8.28.7.82 62713 (AS-PUBMATIC)
3 3 162.248.18.37 62713 (AS-PUBMATIC)
2 2 8.28.7.84 62713 (AS-PUBMATIC)
10 13 8.43.72.98 26667 (RUBICONPR...)
1 2 54.152.229.173 14618 (AMAZON-AES)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 4 104.18.99.194 13335 (CLOUDFLAR...)
1 1 204.62.13.72 46636 (NATCOWEB)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 7 2607:f8b0:400... 15169 (GOOGLE)
2 2 68.67.160.114 29990 (ASN-APPNEX)
1 22 35.172.99.217 14618 (AMAZON-AES)
2 2 44.201.217.92 14618 (AMAZON-AES)
6 6 199.127.204.171 26120 (RHYTHMONE)
1 1 198.148.27.140 19189 (PULSEPOINT)
3 4 64.202.112.63 23352 (SERVERCEN...)
3 3 54.243.215.75 14618 (AMAZON-AES)
1 1 129.158.42.199 31898 (ORACLE-BM...)
1 38.91.45.7 398989 (DEEPINTENT)
3 3 52.71.247.220 14618 (AMAZON-AES)
1 1 199.187.193.182 47043 (SMARTADSE...)
1 1 67.202.105.24 32748 (STEADFAST)
1 1 20.127.253.7 8075 (MICROSOFT...)
6 6 216.200.232.249 30419 (MEDIAMATH...)
2 2 44.209.207.157 14618 (AMAZON-AES)
1 1 202.241.208.54 4694 (IDCF IDC ...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 2 23.78.168.242 16625 (AKAMAI-AS)
1 34.102.243.38 396982 (GOOGLE-CL...)
1 13.32.151.21 16509 (AMAZON-02)
2 4 2620:100:a001::c 19750 (AS-CRITEO)
3 74.119.119.139 19750 (AS-CRITEO)
1 52.33.139.122 16509 (AMAZON-02)
1 34.120.155.137 396982 (GOOGLE-CL...)
20 35.171.241.248 14618 (AMAZON-AES)
1 52.94.222.140 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
3 6 107.178.246.49 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
1 1 8.2.111.121 46636 (NATCOWEB)
6 6 2606:ae80:147... 26762 (CNVR-US-EAST)
1 2600:9000:219... 16509 (AMAZON-02)
2 104.18.36.94 13335 (CLOUDFLAR...)
1 23.221.202.212 16625 (AKAMAI-AS)
1 1 72.34.250.75 27630 (AS-XFERNET)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 1 104.36.115.113 62713 (AS-PUBMATIC)
6 6 44.197.49.190 14618 (AMAZON-AES)
3 6 54.149.113.230 16509 (AMAZON-02)
4 4 207.198.113.93 13768 (COGECO-PEER1)
4 4 54.196.39.164 14618 (AMAZON-AES)
4 4 54.198.41.119 14618 (AMAZON-AES)
4 4 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
10 13.32.151.6 16509 (AMAZON-02)
1 1 34.171.234.26 396982 (GOOGLE-CL...)
1 96.16.28.127 16625 (AKAMAI-AS)
1 3.95.45.40 14618 (AMAZON-AES)
1 2 34.229.3.43 14618 (AMAZON-AES)
1 1 52.1.62.93 14618 (AMAZON-AES)
1 104.18.33.19 13335 (CLOUDFLAR...)
1 1 2620:116:800b... 27281 (QUANTCAST)
661 94
Apex Domain
Subdomains
Transfer
74 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1059
fastlane.rubiconproject.com — Cisco Umbrella Rank: 498
eus.rubiconproject.com — Cisco Umbrella Rank: 587
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1178
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1032
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3380
token.rubiconproject.com — Cisco Umbrella Rank: 615
pixel.rubiconproject.com — Cisco Umbrella Rank: 351
123 KB
59 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1048
match.sharethrough.com — Cisco Umbrella Rank: 557
20 KB
55 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 970
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1227
ups.analytics.yahoo.com — Cisco Umbrella Rank: 317
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
10 KB
44 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
282 KB
43 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 562
eb2.3lift.com — Cisco Umbrella Rank: 404
23 KB
38 googlesyndication.com
db254acb33f678ba851d2ed2560cd682.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 144
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
298 KB
35 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 333
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 552
s.amazon-adsystem.com — Cisco Umbrella Rank: 302
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1057
27 KB
34 notateslaapp.com
mail.notateslaapp.com
www.notateslaapp.com — Cisco Umbrella Rank: 369897
764 KB
31 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 467
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 588
dsum.casalemedia.com — Cisco Umbrella Rank: 1571
22 KB
30 adsrvr.org
direct.adsrvr.org — Cisco Umbrella Rank: 5332
insight.adsrvr.org — Cisco Umbrella Rank: 611
match.adsrvr.org — Cisco Umbrella Rank: 364
15 KB
30 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
secure.adnxs.com — Cisco Umbrella Rank: 486
acdn.adnxs.com — Cisco Umbrella Rank: 627
44 KB
29 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 533
image8.pubmatic.com — Cisco Umbrella Rank: 661
image2.pubmatic.com — Cisco Umbrella Rank: 1051
image4.pubmatic.com — Cisco Umbrella Rank: 982
image6.pubmatic.com — Cisco Umbrella Rank: 734
34 KB
25 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1425
rtb.gumgum.com — Cisco Umbrella Rank: 1693
usersync.gumgum.com — Cisco Umbrella Rank: 2277
11 KB
24 openx.net
cafemedia-d.openx.net — Cisco Umbrella Rank: 6581
u.openx.net — Cisco Umbrella Rank: 738
us-u.openx.net — Cisco Umbrella Rank: 468
5 KB
20 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 429
mug.criteo.com — Cisco Umbrella Rank: 2441
dis.eu.criteo.com — Cisco Umbrella Rank: 8029
14 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 378
325 KB
15 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1107
id5-sync.com — Cisco Umbrella Rank: 476
36 KB
14 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 4033
cdn.undertone.com — Cisco Umbrella Rank: 6678
usr.undertone.com — Cisco Umbrella Rank: 4754
8 KB
13 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1684
sync.colossusssp.com — Cisco Umbrella Rank: 2356
4 KB
13 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1457
6 KB
12 google.com
adservice.google.com — Cisco Umbrella Rank: 87
www.google.com — Cisco Umbrella Rank: 2
2 KB
12 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 2510
8 KB
10 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 617
6 KB
10 adthrive.com
ads.adthrive.com — Cisco Umbrella Rank: 5480
logger.adthrive.com — Cisco Umbrella Rank: 5914
280 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 322
4 KB
7 tapad.com
pandg.tapad.com — Cisco Umbrella Rank: 1955
pixel.tapad.com — Cisco Umbrella Rank: 496
2 KB
7 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 579
tags.bluekai.com — Cisco Umbrella Rank: 575
4 KB
7 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 6386
ads.yieldmo.com — Cisco Umbrella Rank: 700
sync-adform.ads.yieldmo.com — Cisco Umbrella Rank: 7692
sync-pm.ads.yieldmo.com — Cisco Umbrella Rank: 8818
3 KB
7 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1149
cloudflareinsights.com — Cisco Umbrella Rank: 1138
6 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 222
5 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 549
3 KB
6 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 2626
stx-match.dotomi.com — Cisco Umbrella Rank: 2221
casale-match.dotomi.com — Cisco Umbrella Rank: 3112
2 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 509
3 KB
6 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1881
api.rlcdn.com — Cisco Umbrella Rank: 929
id.rlcdn.com — Cisco Umbrella Rank: 608
idsync.rlcdn.com — Cisco Umbrella Rank: 392
37 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 38
40 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 458
2 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 638
944 B
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
234 KB
5 gstatic.com
fonts.gstatic.com
encrypted-tbn3.gstatic.com
143 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 930
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 886
3 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 655
3 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 820
1 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 550
3 KB
4 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 592
716 B
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 784
1 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
211 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 719
ice.360yield.com — Cisco Umbrella Rank: 2178
1 KB
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1101
1 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1209
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1431
1 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3629
collector.brandmetrics.com — Cisco Umbrella Rank: 3956
17 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 167
3 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
3 KB
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1626
2 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 788
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 653
3 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 598
701 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1216
550 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1124
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3502
892 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3413
563 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 718
930 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1525
113 KB
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 721
511 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1729
561 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 601
338 B
1 addthis.com
cw.addthis.com — Cisco Umbrella Rank: 3407
427 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 985
658 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1406
273 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 936
441 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1010
676 B
1 agkn.com
fid.agkn.com — Cisco Umbrella Rank: 4404
668 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1909
595 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1052
830 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1722
618 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1060
537 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1001
300 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1017
222 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1397
605 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 572
664 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 296
666 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2903
586 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 2016
546 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1600
706 B
1 pghub.io
pghub.io — Cisco Umbrella Rank: 1839
4 KB
1 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 1467
464 B
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2663
6 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 926
2 KB
1 cloudfront.net
d3div1mtym39ic.cloudfront.net
39 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 9078
3 KB
661 90
Domain Requested by
49 btlr.sharethrough.com ads.adthrive.com
30 eb2.3lift.com 5 redirects ads.adthrive.com
eb2.3lift.com
30 c2shb.pubgw.yahoo.com ads.adthrive.com
29 tpc.googlesyndication.com 1 redirects mail.notateslaapp.com
cdn.confiant-integrations.net
cdn.ampproject.org
securepubads.g.doubleclick.net
tpc.googlesyndication.com
29 www.notateslaapp.com mail.notateslaapp.com
www.notateslaapp.com
27 ib.adnxs.com 8 redirects ads.adthrive.com
eb2.3lift.com
acdn.adnxs.com
26 securepubads.g.doubleclick.net ads.adthrive.com
securepubads.g.doubleclick.net
mail.notateslaapp.com
www.googletagservices.com
22 usersync.gumgum.com 1 redirects rtb.gumgum.com
eus.rubiconproject.com
20 prebid-a.rubiconproject.com ads.adthrive.com
19 prebid-server.rubiconproject.com ads.adthrive.com
mail.notateslaapp.com
eb2.3lift.com
18 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
ssum-sec.casalemedia.com
sync-amz.ads.yieldmo.com
eb2.3lift.com
rtb.gumgum.com
match.sharethrough.com
eus.rubiconproject.com
us-u.openx.net
16 match.adsrvr.org 15 redirects ads.adthrive.com
16 cm.g.doubleclick.net 9 redirects mail.notateslaapp.com
u.openx.net
eb2.3lift.com
rtb.gumgum.com
eus.rubiconproject.com
15 cdn.ampproject.org cdn.confiant-integrations.net
15 c2shb.ssp.yahoo.com ads.adthrive.com
14 id5-sync.com 10 redirects cdn.id5-sync.com
ads.adthrive.com
13 direct.adsrvr.org ads.adthrive.com
13 cafemedia-d.openx.net ads.adthrive.com
13 tlx.3lift.com ads.adthrive.com
13 htlb.casalemedia.com ads.adthrive.com
13 a.teads.tv ads.adthrive.com
13 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
12 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
um2.eqads.com
12 colossusssp.com ads.adthrive.com
12 fastlane.rubiconproject.com ads.adthrive.com
12 hbopenbid.pubmatic.com ads.adthrive.com
12 bidder.criteo.com ads.adthrive.com
12 krk.kargo.com ads.adthrive.com
10 usr.undertone.com cdn.undertone.com
ssum-sec.casalemedia.com
10 b1sync.zemanta.com 10 redirects
10 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
9 us-u.openx.net 3 redirects u.openx.net
ads.adthrive.com
us-u.openx.net
9 x.bidswitch.net 8 redirects
8 pagead2.googlesyndication.com www.googletagservices.com
mail.notateslaapp.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
ads.adthrive.com
cdn.undertone.com
7 pixel.rubiconproject.com 4 redirects eus.rubiconproject.com
7 www.google.com 2 redirects mail.notateslaapp.com
tpc.googlesyndication.com
7 ads.adthrive.com mail.notateslaapp.com
ads.adthrive.com
6 cloudflareinsights.com static.cloudflareinsights.com
6 dpm.demdex.net 3 redirects cdn.undertone.com
ssum-sec.casalemedia.com
6 match.prod.bidr.io 6 redirects
6 pixel.tapad.com 3 redirects pandg.tapad.com
us-u.openx.net
6 sync.mathtag.com 6 redirects
6 image8.pubmatic.com 6 redirects
6 stags.bluekai.com 6 redirects
6 pr-bh.ybp.yahoo.com 4 redirects u.openx.net
ssum-sec.casalemedia.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 px.ads.linkedin.com 4 redirects eus.rubiconproject.com
5 sync-tm.everesttech.net 5 redirects
5 www.googletagservices.com mail.notateslaapp.com
5 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
ads.adthrive.com
5 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
cdn.undertone.com
5 adservice.google.com securepubads.g.doubleclick.net
5 mail.notateslaapp.com 1 redirects mail.notateslaapp.com
4 sync.crwdcntrl.net 4 redirects
4 pm.w55c.net 4 redirects
4 pixel-sync.sitescout.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 gum.criteo.com 2 redirects ads.adthrive.com
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 sync.1rx.io 4 redirects
4 p.adsymptotic.com 1 redirects eb2.3lift.com
us-u.openx.net
cdn.undertone.com
4 ads.yieldmo.com 1 redirects sync-amz.ads.yieldmo.com
4 sync.srv.stackadapt.com 4 redirects
4 ups.analytics.yahoo.com 3 redirects us-u.openx.net
4 fonts.gstatic.com fonts.googleapis.com
4 www.googletagmanager.com mail.notateslaapp.com
www.googletagmanager.com
3 mug.criteo.com mail.notateslaapp.com
3 sync.ipredictive.com 3 redirects
3 image2.pubmatic.com 3 redirects
3 hb.undertone.com ads.adthrive.com
3 sb.scorecardresearch.com 1 redirects ads.adthrive.com
mail.notateslaapp.com
3 logger.adthrive.com ads.adthrive.com
3 c.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
3 fonts.googleapis.com mail.notateslaapp.com
cdn.confiant-integrations.net
2 casale-match.dotomi.com 2 redirects
2 loadm.exelator.com 1 redirects cdn.undertone.com
2 idsync.rlcdn.com 2 redirects
2 pippio.com 2 redirects
2 id.rlcdn.com 2 redirects
2 stx-match.dotomi.com 2 redirects
2 js-sec.indexww.com ads.adthrive.com
2 prebid-match.dotomi.com 2 redirects
2 googleads.g.doubleclick.net mail.notateslaapp.com
2 secure-assets.rubiconproject.com 2 redirects
2 creativecdn.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 ad.360yield.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 ads.avct.cloud 2 redirects
2 secure.adnxs.com 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 image4.pubmatic.com 2 redirects
2 c1.adform.net 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
ads.adthrive.com
2 g2.gumgum.com ads.adthrive.com
2 cdn.brandmetrics.com ads.adthrive.com
cdn.brandmetrics.com
2 cdn.confiant-integrations.net ads.adthrive.com
cdn.confiant-integrations.net
1 cms.quantserve.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 beacon.krxd.net cdn.undertone.com
1 tags.bluekai.com cdn.undertone.com
1 cw.addthis.com cdn.undertone.com
1 um.simpli.fi 1 redirects
1 pixel.advertising.com 1 redirects
1 ad.turn.com 1 redirects
1 image6.pubmatic.com 1 redirects
1 dis.eu.criteo.com 1 redirects
1 ice.360yield.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 acdn.adnxs.com ads.adthrive.com
1 cdn.undertone.com ads.adthrive.com
1 sync.colossusssp.com 1 redirects
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 api.rlcdn.com ads.adthrive.com
1 fid.agkn.com ads.adthrive.com
1 geo.privacymanager.io ats.rlcdn.com
1 pandg.tapad.com pghub.io
1 tg.socdm.com 1 redirects
1 sync.inmobi.com 1 redirects
1 ssc-cms.33across.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com 1 redirects
1 bh.contextweb.com 1 redirects
1 c.bing.com eb2.3lift.com
1 inv-nets.admixer.net 1 redirects
1 sync-pm.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 sync-adform.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 sync.extend.tv 1 redirects
1 sync.adotmob.com 1 redirects
1 encrypted-tbn3.gstatic.com mail.notateslaapp.com
1 insight.adsrvr.org 1 redirects
1 pghub.io ads.adthrive.com
1 mid.rkdms.com ads.adthrive.com
1 ats.rlcdn.com ads.adthrive.com
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 rtb.gumgum.com s.amazon-adsystem.com
1 db254acb33f678ba851d2ed2560cd682.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 collector.brandmetrics.com cdn.brandmetrics.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.id5-sync.com mail.notateslaapp.com
1 cdn.jwplayer.com ads.adthrive.com
1 unpkg.com ads.adthrive.com
1 d3div1mtym39ic.cloudfront.net mail.notateslaapp.com
1 www.npttech.com mail.notateslaapp.com
1 static.cloudflareinsights.com mail.notateslaapp.com
661 150

This site contains links to these domains. Also see Links.

Domain
www.notateslaapp.com
twitter.com
www.facebook.com
www.youtube.com
dimo.zone
Subject Issuer Validity Valid
notateslaapp.com
cPanel, Inc. Certification Authority
2022-12-05 -
2023-03-05
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-07-03 -
2023-07-03
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.adthrive.com
Amazon
2022-06-05 -
2023-07-04
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
jwplayer.com
Amazon
2022-11-27 -
2023-12-25
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
*.confiant-integrations.net
E1
2022-11-24 -
2023-02-22
3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-08-02 -
2023-01-25
6 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
teads.tv
R3
2022-10-27 -
2023-01-25
3 months crt.sh
*.app.kargo.com
Amazon
2022-01-06 -
2023-02-03
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-31 -
2023-01-26
3 months crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.sharethrough.com
Amazon
2022-07-14 -
2023-08-12
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2
2022-09-08 -
2023-10-10
a year crt.sh
*.gumgum.com
Amazon
2022-09-14 -
2023-10-11
a year crt.sh
s.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-21
a year crt.sh
*.eu-1-id5-sync.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2
2022-06-11 -
2023-06-11
a year crt.sh
*.id5-sync.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
*.undertone.com
Amazon
2022-09-03 -
2023-10-01
a year crt.sh
*.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.ads.yieldmo.com
Amazon
2022-04-25 -
2023-05-24
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.rkdms.com
Amazon RSA 2048 M01
2022-10-20 -
2023-11-18
a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1
2022-02-02 -
2023-02-17
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-11-08 -
2023-05-03
6 months crt.sh
um3.eqads.com
Amazon
2022-06-11 -
2023-07-09
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2022-11-25 -
2023-05-25
6 months crt.sh
www.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-05-02 -
2023-06-03
a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-01-15 -
2023-01-13
a year crt.sh
*.ad-server.k8s.ggops.com
Amazon
2022-02-09 -
2023-03-10
a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-14 -
2023-10-15
a year crt.sh
*.privacymanager.io
Amazon
2022-08-26 -
2023-09-24
a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-09-06 -
2023-09-21
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon
2022-07-20 -
2023-07-19
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2022-10-21 -
2023-10-22
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-09-27 -
2023-03-22
6 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-27 -
2023-02-28
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-26 -
2023-03-01
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2022-10-20 -
2023-10-19
a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-26 -
2023-10-27
a year crt.sh

This page contains 53 frames:

Primary Page: https://mail.notateslaapp.com/
Frame ID: 6A89DF475738282DC89D81DEE1BFE782
Requests: 388 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/b1d93de/html/topics.html
Frame ID: C3AB3C541DFB77B1B47AFA389C12C4DD
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Frame ID: A17CB6E72D09CAEFD8651FE18CFD9C8E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: F001B17B52AE03358B0D6F1ECA87F11F
Requests: 2 HTTP requests in this frame

Frame: https://db254acb33f678ba851d2ed2560cd682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F3F38D94228BD327135A9D5925E01484
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 5B21DF58AC11A7123061A1DAA374FB89
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: D42AF39CCB0C57A32BDC78D58E365586
Requests: 9 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: C6C7CA0F1A2CD90FF22DAE25D122901B
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 7D337F9CDD4BC1FF63A572AF56ACC0E3
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 5A513AAEDB263B130C1B7FDB6D9D5177
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: D5E6C83956C7230EDA6E793B65AC700C
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1RSW9sYlpwRTJ1Sy5OWU15SnM3cU1uN3M1aTlOVHl0d35B
Frame ID: 10D465BD1A59C26F380BE82C86C55660
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 6C1C648E27E0FC4E6F9B62BDA71E6E9B
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=630481314781216515&ex=appnexus.com
Frame ID: 1B19E5DF9F639A857A06C2B08D22C2FF
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3483547462859989278829
Frame ID: D46DFF1C989D7F91ECB2A8A889400608
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: 928DF99362A72C992D1D3DF61809E398
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvlL4JxIWpBySmbR0nKvNfaE9lIFULfPx5eIEXoP_IStuq6rfw_7eRBuiXeX1LGv9Ps-UbvFRWNZoEgH5-wRE1wuBvSXE5aefNhLzb4-MM4J8s9YCVg4ajwgHcIJLzA0EVNsbGGNyUhIyxIpfiRbBfM55v2zIXH67yaKPkzpmSZiQq-VTuRUhyBL41hhR2XqLvKdb-0a5ASUe-N-zQlWTZ1HdEEtH8veuQe0HJwc2FXeV8d8DB-MwpdnWqUJ52w39tPHGfsPEMqslaKsgAuanb-H2LptHT5d6kacq0dLYMM8u30A0yAY6kUZwTG1p6i2BmdWMh_66hrMtneQqqmIk28qQrZbG1nhdqkmXxXXyIEhrw&sai=AMfl-YT7U3MSTsSD_JEmW7iAejMQwIfByftwqlVxFRLMoRNaN0lVrYkcFj4V0oZY5WPswfF2Mk1CaGxRRdSAsrO1jnI4llXp4dbfTRBKSuOfANLaieKozoGGJ2jWZWflb6D-C1sK4r8DPPWJHq2G5lAIlz0&sig=Cg0ArKJSzG56Sb179WZ8EAE&uach_m=[UACH]&adurl=
Frame ID: ED5CB1EC35DC4B680D07F0948E990907
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 95151A9E19147707CE04025E4FD388DA
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF6Bn47OyMRoU3YxCfdTRSR5LCa5ur9_ehZyVOPcFcqTp59-R8ILojubxixKk0vFztLWjicXi9eLusGBdrvLSOXiMoIfNJQKxzrJsj0fbALgMarn8kHEAP4KVPFcXa5iLk6dOba_DH5mpfMRhIKjUxEXPk8PUNpZX3fRz1HSm_LKU0kkCl0NqcnU8iGb2NKYgBrRltkR2WLUI_f1jB5AxYhNlykGoa-VAE6V79sc1rkoqBagY7adl_oJG8oGJYcqf3hh5oqged8sQU_vgyOEB0QQ99HpuVzQqRWaVkVhCxT2yVIrtkwkqWeeEdjXACcz307a829hYeJv-SrYBvXjcVroMe5Ww3A2j9Dqug8DlBD4mKUA&sai=AMfl-YRi5O-dhSFUJ8pBQ_kmHPdFDHuAPRz40mfu7CwtwXgOEDYxVLQ5hiK-IVAN-4SFjudRk_vH22mUgO5NrvNOx9EEQWX_vrFe5YYofs-bGIatE-hVezQiM9DiMgOSG6A9I5WIwQU1uk3YF7K4XGH7OmY&sig=Cg0ArKJSzMhetZJW4wHlEAE&uach_m=[UACH]&adurl=
Frame ID: 4B018A2DFEFFA131E8C53CECBD80BCAB
Requests: 7 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: B444BEC9DD3C314A197DB8A2C8DB49B7
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 400115F5FC58AD0E0EC9B1008FFBF92F
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuh6qgrusMSZ5gLTpXGVfaLbRRpt0_dJDDB1aOVDI7b1jK67nv7e5COjNIyECNcSYwBa1hT00WjmnH_JkOG7apKnVr__alrly12olbMi84OtoLzWVxMCXmddCEDM9PIaBEC63uHOLKSIx0YQVDRI9oHVOsS_w1c0-KTEwhxnstlOeKzsQPj4Xak5vzKVfLQ0XkBMS882EDTxefMe073rszJZZD0zfGc-ooqKv6MVKYErJfcMYoG4DPiByssQKBurnkge7U8dnwqbVoKYo-hU4bKaIqDtkm-NCat5wMbxsxxSsqWUPFdooUkAl-EhiQSX4b4E4QrURyjTYiCtWTAFfleau_MUj1i80YfRXC347AgcC65Ew&sai=AMfl-YTbfjDmhr2Qg1mwTz3REc7NXuBfmOIppPx0zqA7-_o68GiqJ_jX36WFxIttGpzCH3b7LbIk4oOSxiZOWFsIvqZkHRNPSiVHCC6qQEIeS-ZOcawNpAXIP82TiQ466J-U1w4sErwukejCUL3nUe2TqdU&sig=Cg0ArKJSzPJFTlD_H1yeEAE&uach_m=[UACH]&adurl=
Frame ID: A669F88876A6CFD6672144D2E1C1EF0B
Requests: 6 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=inm&i=ID5-8ecbq4TvVHhIvZpG6uftSXWbGT0sPgb2CB3elwpomA
Frame ID: 3C7CF960D85FC0154D963042890DA7B8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 1FDF5E8BE01F401C683FECCD4A417D23
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=20b9b72d-4be5-428b-b562-110fee7c8206
Frame ID: E8E984A78E9E0457B51B9CDF9C2A6C4F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=d460638f-a35f-4400-9851-98d66543df75&gdpr=&gdpr_consent=
Frame ID: CFC5A5DAEFD6993411B320A381986DCA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y4_jXQAB-6N2IwAo&gdpr=&gdpr_consent=
Frame ID: 53A9E8774C1E5F21CBFDF0A47CFFC90E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9kYjUzYTk2Yi05NDU1LTRkNDAtODVkOS0yMzc2NTI4MDQyNWM=&gdpr=&gdpr_consent=
Frame ID: 725FBDA6FD4A0001F74B4A4EB90B40F3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=630481314781216515brt53491670357855485780b3
Frame ID: 7643E9B07AAB1A072BC70BF287988187
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y4.jX8Co5sIAAG38AX8AAAAA
Frame ID: F5FFADF7EB0651500019B60B31ACE88F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y4.jW4WwZUQrKydWgaf8DQAA%26405
Frame ID: E424437EFAB9B6957AEAB76E13D8CE98
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=SLlbXMgQTt2RTMWCN2sl&pi=gumgum&tc=1
Frame ID: 043ABC4DD74418E2FD3E2808101066DB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: B8EBD2054A8E1FB66F21621DD2E45736
Requests: 3 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fmail.notateslaapp.com%2F&owner=P%26G&bp_id=cafemedia&initiator=js
Frame ID: EF6016551BF81682057670A4824B47A1
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: CD34EED8025C2FD2C23A454245D2ADE9
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4Hfsu-0h2SfVrKLwoAlKB2WzJJU3X3HsMwHBGqXmBQUG37xorMOG-vtECxu7BSypvDxxaAeRJgv9elsjO2pzy0w1jWZX3lB9ERtYlqyYGtMG7oLHZEC0NI2DMUs4g2AE-ib7T_Cpn43M2Oyyiso1qun4GfCjmcvKw39hyvAA_M8JoAfkbc4rR8VtSmduR8nM-JNwhq46e-P2sYR8snlcmtD10HiZT73muNPUnP6sqKqokYA_P7wImPLDyseeKEf8mltf8HJLlqNkNM8Ir6BlfuOYuzRV6mLUL-xHfxI5q0-QMfYvV8u9fF8xG9rxl4RVfxOfvqhssJyVjMmcC48paEewjWc-pUQliP78tUEEEGj_gdQ&sai=AMfl-YT7MD-StiX3YNftGc1D7YPS1iP9TdyvliLwTKItprgAX-7Gby48jGzYWnMzmXQOtaC1JeVj0SmDP-TKABHHv2tEtyzJRRoYdE6pTsdBNmvcOWJj3YbmF_HTsoUqYXXCgA&sig=Cg0ArKJSzBgvDAZY7_mIEAE&uach_m=[UACH]&adurl=
Frame ID: 2570FEFD38D8E00A81C6EB54C4BC2D06
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3f7bZjJEHOWM7Yk3O9HB9xG9GI2A_6j6CW4te9amOhkOjbvA073gv3iT7AIOUoI6hnzA5m_uLSNq_FSMSt55b4_r5yBtuArwkP4gBgXHTNj0ma1eBU10qIKjFtJ3oeJGHaqvP53Q5CL8wCOWj6DgXQfZyUe9OiIjUmKfy31f2OImaya2D1Cva7V_0cfAWTSOlzdh8bf6M0BqQ4twrsdLlAe199Y2p8M3hwcbS1T9TTx-t5IJrVd0erdrUC8MZvsBhvyRtvU8u0uZ73uQCoGgzcqfyAw7yl4rqOScYiCvxDID0BuyCrFl_7aPr4W3up8p4uVTJHPyPHxGxi9aP1Kx-QWnNTCsrVgmDJmQVn1Y8oeoNnQ&sai=AMfl-YTQRddFNT_mD40DTllnY72uA-kqwIFxSJXrFYImskKLLnYcDK6EFLvR4cdULIaMelhfemyS4eZxsJ_iBGDUSpNnDNx_cu83zD7NNpInuxoGLmMOsZYEVpA796Fnl4YMog&sig=Cg0ArKJSzKPQe6i0zUDuEAE&uach_m=[UACH]&adurl=
Frame ID: FFB8BF19C839CAB197D8DFDAE18AA591
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Frame ID: 235C19AE11D0647109FD575B4042208A
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 59459CB7F55C995888609924A168E7DF
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=0&us_privacy=1---
Frame ID: 128C971EB5C898DBE6820B9A7C960A8F
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=www.notateslaapp.com&us_privacy=1---
Frame ID: 1D52DBB107EC77DC210ED835F4F86054
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: E6A1B906194A96FBA52A8B7FE968059C
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157347&us_privacy=1---
Frame ID: F6D012BA84327EC8F6BE837BCE82F2A4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 3507C4705509A58E75E56D0530A2345C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Frame ID: ADA7F5C29F751AE4C8EE1EE14BBB0670
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157347&us_privacy=1---
Frame ID: B705634DEA4F4BE4BBCB609F5F811AAF
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 688351B933D57E440E725A78A003CDB0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4CDE87F075AEE3A35ADB1890876AF085
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 56CE3DBA430FE1A8017873ACC7AA271F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: B6CCCCAAB2117CB6992D3144D95A6EDB
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: CE0BE13BD6DA3C06BCA1EE75F3C8D140
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 27DF782C5E786ECC552BED87C8519F48
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C2C6DEF7656B29E421A8BF2876A3EA9B
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Tesla News, Latest Software Updates, Tesla Rumors and Tips

Page URL History Show full URLs

  1. http://mail.notateslaapp.com/ HTTP 301
    https://mail.notateslaapp.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

661
Requests

82 %
HTTPS

25 %
IPv6

90
Domains

150
Subdomains

94
IPs

8
Countries

3178 kB
Transfer

7174 kB
Size

167
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mail.notateslaapp.com/ HTTP 301
    https://mail.notateslaapp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Request Chain 66
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1670357848736&ns_c=UTF-8&c7=https%3A%2F%2Fmail.notateslaapp.com%2F&c8=Tesla%20News%2C%20Latest%20Software%20Updates%2C%20Tesla%20Rumors%20and%20Tips&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1670357848736&ns_c=UTF-8&c7=https%3A%2F%2Fmail.notateslaapp.com%2F&c8=Tesla%20News%2C%20Latest%20Software%20Updates%2C%20Tesla%20Rumors%20and%20Tips&c9=
Request Chain 114
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Request Chain 119
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=b1d435b5-77d4-4214-8692-93c49c8f540c
Request Chain 161
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=b1d435b5-77d4-4214-8692-93c49c8f540c
Request Chain 194
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 199
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1RSW9sYlpwRTJ1Sy5OWU15SnM3cU1uN3M1aTlOVHl0d35B
Request Chain 201
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=630481314781216515&ex=appnexus.com
Request Chain 202
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3483547462859989278829
Request Chain 204
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Request Chain 234
  • https://insight.adsrvr.org/track/evnt/?adv=z127r4i&ct=0:p21aj7j&fmt=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MDkzOWFjZDgtZWRlZi00MzA5LTk2YzYtMzRmOGUzZDMxZDQz&gdpr=0&gdpr_consent=&ttd_tdid=0939acd8-edef-4309-96c6-34f8e3d31d43 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=0939acd8-edef-4309-96c6-34f8e3d31d43&google_gid=CAESEOjNwBEXIO4xilExCoksZLg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjBiOWI3MmQtNGJlNS00MjhiLWI1NjItMTEwZmVlN2M4MjA2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=20b9b72d-4be5-428b-b562-110fee7c8206
Request Chain 246
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCf5rXh1wEQ0QgY0QgyCPbVWbHXAlY3 HTTP 301
  • https://tpc.googlesyndication.com/simgad/6882328095556613470
Request Chain 249
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y4_jXQAB-6N2IwAo HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y4_jXQAB-6N2IwAo&_test=Y4_jXQAB-6N2IwAo
Request Chain 251
  • https://match.adsrvr.org/track/cmf/openx?oxid=4ac700bd-6645-7984-ef2b-3de1fa353eea&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=4ac700bd-6645-7984-ef2b-3de1fa353eea&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=20b9b72d-4be5-428b-b562-110fee7c8206&ttd_puid=4ac700bd-6645-7984-ef2b-3de1fa353eea&gdpr=0&gdpr_consent=
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1vxdmsoyVTGqyM6acwS88&google_cver=1
Request Chain 263
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4.jW4WwZUQrKydWgaf8DQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKqb4sB-k-bxi3-Pece7Kw4&google_cver=1&google_hm=2
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4-jW4WwZUQrKydWgaf8DQAAAZUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPDviWBHLO4TRN_UZhLpA4E&google_cver=1
Request Chain 265
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=20b9b72d-4be5-428b-b562-110fee7c8206&expiration=1672949853&gdpr=0&gdpr_consent=
Request Chain 266
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0875220407bc04a94302b9e5&expiration=[EXPIRATION]
Request Chain 267
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=31ff557f-346d-4d8e-9562-0114f1de7176
Request Chain 268
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=MHbgFxllIZAxE2VBBjzy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TKIMJTUM6DMNREVUQLYIUZFMQSCNJ5HS HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TKIMJTUM6DMNREVUQLYIUZFMQSCNJ5HS HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=MHbgFxllIZAxE2VBBjzy
Request Chain 271
  • https://sync.srv.stackadapt.com/sync?nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=gkpqVRvARrp_1qKxdAy9ISaEdkk&gdpr=&gdpr_consent=
Request Chain 272
  • https://c1.adform.net/serving/cookie/match?party=1283 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1283 HTTP 302
  • https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=188842751989571768
Request Chain 273
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODVEQzIwNTEtNTdDQi00QUY1LThCMzgtOTg0N0EwMDk5RTk5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D85DC2051-57CB-4AF5-8B38-9847A0099E99 HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=85DC2051-57CB-4AF5-8B38-9847A0099E99
Request Chain 274
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=630481314781216515&pn_id=an
Request Chain 275
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LBCNXQNN-11-M5LE
Request Chain 277
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 278
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=20b9b72d-4be5-428b-b562-110fee7c8206&dongle=0cfd
Request Chain 279
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQ4MzU0NzQ2Mjg1OTk4OTI3ODgyOQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEadntj_6GTJsMLiqEqnOVY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 281
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQ4MzU0NzQ2Mjg1OTk4OTI3ODgyOQ%3D%3D
Request Chain 282
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3483547462859989278829&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3483547462859989278829&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9a60fe37-b838-4441-8d01-6498245af41e&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9a60fe37-b838-4441-8d01-6498245af41e&_noobservation=1&_expected_cookie=da9d7f5aac5b6c524d4a378fe3d406b6
Request Chain 283
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3483547462859989278829&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3Db1d435b5-77d4-4214-8692-93c49c8f540c%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=bc4452818b984146a3f3af99e6f4260a&ssp=triplelift&bsw_param=b1d435b5-77d4-4214-8692-93c49c8f540c&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=b1d435b5-77d4-4214-8692-93c49c8f540c&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 284
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3483547462859989278829?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.wRvKXFE2oRzb2iybCZx4EtRgcv5nNx3XkC5ac5aWg--~A&dongle=0883
Request Chain 287
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=630481314781216515&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 320
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=630481314781216515
Request Chain 321
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_db53a96b-9455-4d40-85d9-23765280425c&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=67cb9b99-3a57-4146-9a8a-a2de4dfc0a31&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=b1d435b5-77d4-4214-8692-93c49c8f540c
Request Chain 322
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-824a6a55-1bc0-46ba-7fd6-a2b1740cbd21$ip$38.132.118.73
Request Chain 323
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_db53a96b-9455-4d40-85d9-23765280425c&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=MHbgFxllIZAxE2VBBjzy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVGUQYTHIZ4GY3CJLJAXQRJSKZBEE2T2PE HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVGUQYTHIZ4GY3CJLJAXQRJSKZBEE2T2PE HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=MHbgFxllIZAxE2VBBjzy
Request Chain 324
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1670357855490 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7282882960 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/20b9b72d-4be5-428b-b562-110fee7c8206 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a2d0274a-909f-4f09-a395-d674db312b81-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-a2d0274a-909f-4f09-a395-d674db312b81-005 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-a2d0274a-909f-4f09-a395-d674db312b81-005
Request Chain 325
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=acZWaNvTdeQY&ev=1&pid=558355
Request Chain 326
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28K-SDXojajB2-snY3c5BXNXeVquph3jfgBLSLiArJztDZTJaBVqSUHcRmRnOIX6bt%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28K-SDXojajB2-snY3c5BXNXeVquph3jfgBLSLiArJztDZTJaBVqSUHcRmRnOIX6bt%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_db53a96b-9455-4d40-85d9-23765280425c&obuid=ENC(K-SDXojajB2-snY3c5BXNXeVquph3jfgBLSLiArJztDZTJaBVqSUHcRmRnOIX6bt) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1$CMP HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=
Request Chain 327
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=bdfaa4cd-4e50-41d2-8850-2d0c32653fac
Request Chain 328
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-BpyCvmRE2pfBRHSGZZtdsDdDwQVH4yr08C5E~A
Request Chain 329
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=b3e62e8c-aadf-47bc-b1b5-84d2640b9384
Request Chain 330
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=D7B9D9F680BC46E187FAFC0A2559F152
Request Chain 332
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=106821f5-3053-473b-bce8-72435f5b3091
Request Chain 333
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=761917122711880150
Request Chain 336
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=84a4f580-d401-4469-aa80-1babf0fe9c82
Request Chain 337
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=
Request Chain 338
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212050011722259
Request Chain 339
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=MHbgFxllIZAxE2VBBjzy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DCNDGHBRTKZJSMEZTIYTBGU2CM43POVZGGZK7OVZWK4S7NFSD2TKIMJTUM6DMNREVUQLYIUZFMQSCNJ5HS&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DCNDGHBRTKZJSMEZTIYTBGU2CM43POVZGGZK7OVZWK4S7NFSD2TKIMJTUM6DMNREVUQLYIUZFMQSCNJ5HS HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=MHbgFxllIZAxE2VBBjzy
Request Chain 346
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-8ecbq4TvVHhIvZpG6uftSXWbGT0sPgb2CB3elwpomA
Request Chain 348
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=20b9b72d-4be5-428b-b562-110fee7c8206
Request Chain 349
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=d460638f-a35f-4400-9851-98d66543df75&gdpr=&gdpr_consent=
Request Chain 350
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y4_jXQAB-6N2IwAo&gdpr=&gdpr_consent=
Request Chain 352
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=630481314781216515&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=630481314781216515brt53491670357855485780b3
Request Chain 353
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y4.jX8Co5sIAAG38AX8AAAAA
Request Chain 354
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y4.jW4WwZUQrKydWgaf8DQAA%26405
Request Chain 355
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=SLlbXMgQTt2RTMWCN2sl&pi=gumgum&tc=1
Request Chain 356
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 361
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.notateslaapp.com%2F&domain=mail.notateslaapp.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=oozYtHxDOEJkbmFDVjA5cWlTaXZ1RXU1ZG53SWF1OTNmbzJJRENxNmY1K0VzSUdmcGYxMDRobThvRFgyRk5BSnV6Z3BUWllKNTExRHpmRmt4RXhJVmZwRGRGdS9nbDZtdmVhQzdRRTlHT3FQV0lsVit4WlNjOG1Za2wvalZNSUo2WlpqL21JVnUvOWRiRXJJNG1zWXhzWHFTbGpSYWQ3WFU4WGNZN0NidjE0amljQVhtUXFsaWxoNGp6R0lQNjVZR3N1WEdVb1M3bUk5bWkxZVdVRmYzR2poOW1JS3UxOUg5TWtkWFBwOHFDUWc4VlgwS25PVHNMOHB4clNuMDUzWGZlaEZPfA&cppv=2
Request Chain 396
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LBCNXQNN-11-M5LE HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LBCNXQNN-11-M5LE&ex=d-rubiconproject.com&status=ok
Request Chain 410
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJDTlhRTk4tMTEtTTVMRQ==
Request Chain 412
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=&expires=30
Request Chain 413
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=S6-SaocuQNSRgWa_-OCKog&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=S6-SaocuQNSRgWa_-OCKog
Request Chain 414
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBCNXQNN-11-M5LE
Request Chain 415
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzlkNDVjNmZmZWU3MTRiOGJkZjE4YWZiMGExMjA5YTI2ZGRjNjc3OA
Request Chain 416
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBWMSQu1jUvXYy0lofKc51Q&google_cver=1
Request Chain 417
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/pgQohhlk1ZFYVcLC99GzJMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Awges7lE2oLBs9VSSXVDvTEiagcX5QjANxGOdQ--~A
Request Chain 419
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 440
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=bf73b27f-b0e3-4b52-be1d-6c53fcb39798&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=20b9b72d-4be5-428b-b562-110fee7c8206&ttd_puid=bf73b27f-b0e3-4b52-be1d-6c53fcb39798
Request Chain 441
  • https://sync.mathtag.com/sync/img?mt_exid=10072&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3D2040%26partner_device_id%3D%5BMM_UUID%5D&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2040&partner_device_id=d460638f-a35f-4400-9851-98d66543df75&gdpr=&gdpr_consent=
Request Chain 449
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 454
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=[UID]
Request Chain 483
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LBCNXQNN-11-M5LE HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LBCNXQNN-11-M5LE
Request Chain 500
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a2d0274a-909f-4f09-a395-d674db312b81-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3DRX-a2d0274a-909f-4f09-a395-d674db312b81-005 HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=RX-a2d0274a-909f-4f09-a395-d674db312b81-005
Request Chain 501
  • https://pr-bh.ybp.yahoo.com/sync/rubiconprebidserver?gdpr=&euconsent=&us_privacy=1---&url=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dbrightroll%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=brightroll&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=y-IMBadR5E2oK60JNU2KMNQh9TMMoyC.IcHnWQvh6hRPCQ9FsDjVV7dQ--~A
Request Chain 502
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=1b8565b089151620&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=AAABxP7F2w1RCwN4-IgnAAAAAAA&expiration=1670444264&is_secure=true
Request Chain 503
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&account=&f=i&uid=gc5be86089e62789db8b&gdpr=&gdpr_consent=&us_privacy=1---
Request Chain 515
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/92145?id=b1d435b5-77d4-4214-8692-93c49c8f540c&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D452%26ssp%3Dthemediagrid%26user_id%3D&limit=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
Request Chain 516
  • https://id5-sync.com/s/441/9.gif?puid=u_db53a96b-9455-4d40-85d9-23765280425c&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/441/434/8/2.gif?puid=8205d9cc-310c-4610-a63c-359c41781615&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F7%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/7/3.gif?puid=bf73b27f-b0e3-4b52-be1d-6c53fcb39798&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-8ecbq4TvVHhIvZpG6uftSXWbGT0sPgb2CB3elwpomA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F6%2F4.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/6/4.gif?puid=106821f5-3053-473b-bce8-72435f5b3091&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=20b9b72d-4be5-428b-b562-110fee7c8206&ttl=%%TTL%% HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F4%2F6.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/203/4/6.gif?puid=978fb9bb-8505-4b8e-83fb-878977f26f9c&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-8ecbq4TvVHhIvZpG6uftSXWbGT0sPgb2CB3elwpomA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F3%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/3/3/7.gif?puid=d460638f-a35f-4400-9851-98d66543df75&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F2%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/441/429/2/8.gif?puid=85DC2051-57CB-4AF5-8B38-9847A0099E99&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/1/9.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/2/1/9.gif?puid=630481314781216515&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAA5dE7HH0cAAB-zaSXqQA
Request Chain 517
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=20b9b72d-4be5-428b-b562-110fee7c8206
Request Chain 518
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=2713539e-0a1b-4190-9dfd-efdcecb5be29&gdpr=0&gdpr_consent= HTTP 302
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=7c1aa1afff940516&is_secure=true&networkId=44410&version=1&nuid=2713539e-0a1b-4190-9dfd-efdcecb5be29&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAHwrOir2IMdwMtFdFbAAAAAAA&expiration=1670444265&nuid=2713539e-0a1b-4190-9dfd-efdcecb5be29&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 528
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=MHbgFxllIZAxE2VBBjzy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JVEGEZ2GPBWGYSK2IF4EKMSWIJBGU6TZ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JVEGEZ2GPBWGYSK2IF4EKMSWIJBGU6TZ HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=MHbgFxllIZAxE2VBBjzy
Request Chain 529
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-824a6a55-1bc0-46ba-7fd6-a2b1740cbd21$ip$38.132.118.73&dongle=4430
Request Chain 530
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=d460638f-a35f-4400-9851-98d66543df75&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 531
  • https://match.prod.bidr.io/cookie-sync/trl HTTP 303
  • https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1 HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAFOTE7HH0cAAB-TUbb8zw&dongle=bzwx
Request Chain 532
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 533
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=b3e62e8c-aadf-47bc-b1b5-84d2640b9384&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 534
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6019&xuid=GolBg5zi1P2EnT5&dongle=465e&gdpr=0&gdpr_consent=
Request Chain 535
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=Y4_jXQAB-6N2IwAo&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 541
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=MHbgFxllIZAxE2VBBjzy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JVEGEZ2GPBWGYSK2IF4EKMSWIJBGU6TZ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JVEGEZ2GPBWGYSK2IF4EKMSWIJBGU6TZ HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=MHbgFxllIZAxE2VBBjzy
Request Chain 542
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-824a6a55-1bc0-46ba-7fd6-a2b1740cbd21$ip$38.132.118.73&dongle=4430
Request Chain 543
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=d460638f-a35f-4400-9851-98d66543df75&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 544
  • https://match.prod.bidr.io/cookie-sync/trl HTTP 303
  • https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1 HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAA5dE7HH0cAAB-zaSXqQA&dongle=bzwx
Request Chain 545
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553%26partner_url%3Dhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3646%2526xuid%253D5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553%2526dongle%253D1fa5%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553%26partner_url%3Dhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3646%2526xuid%253D5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553%2526dongle%253D1fa5%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&partner_url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3646%26xuid%3D5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553%26dongle%3D1fa5%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 546
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=b3e62e8c-aadf-47bc-b1b5-84d2640b9384&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 547
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6019&xuid=GolBg5zi1P2EnT5&dongle=465e&gdpr=0&gdpr_consent=
Request Chain 548
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=Y4_jXQAB-6N2IwAo&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 551
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=1f017fdb-ab02-4fe4-b052-bd12c3ae5f32 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokMWYwMTdmZGItYWIwMi00ZmU0LWIwNTItYmQxMmMzYWU1ZjMyEAAaDQjqxr6cBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=55634096390b79c6ca4da3339630deab606e0dd81ef1df54c4a573598917a0c1791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=55634096390b79c6ca4da3339630deab606e0dd81ef1df54c4a573598917a0c1791426b5417dce21&rand=04720388 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=55634096390b79c6ca4da3339630deab606e0dd81ef1df54c4a573598917a0c1791426b5417dce21&_pu
Request Chain 552
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=630481314781216515
Request Chain 554
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8494657214754093260&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 556
  • https://gum.criteo.com/sid/json?origin=criteoPrebidAdapter&domain=www.notateslaapp.com&sn=ChromeSyncframe&so=0&topUrl=www.notateslaapp.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=e-3iuXxLTUtlVUp4QnZGaXFTeklWQ1AzTElXam13MEN2WVNNdUdQVjdXTjN4eGtVdWJkYTRUZloybzJDYks0VXdrcXdNMTdKK2tJMFVydUpUbThhSWNOdGZqb2IxRzZ6ZUlUNWlkWTA1cGpxeTNtZmd3d2l6WElXZXE4ZW5lRlRmSGJKbXhLb01wblVHdEZvRDFQRkhhV1QwTy91YURURVJYR3B2U3FkSnlWYjMzM2tWYi90K2FydHpRM0NxY0VqWnM2cnpGa1YrNGhnVVlibzEzbVFWOXJTcFprTjJYeitITDhVczVWWk1KZUVJa1hEVVo0T3dPSHJVa2haRFJodzJaQnZySElGQWg1U1Zzd1lwTUlBSUNzSVkySVJtVGJPUE9CZ21aSWw0b1dmcHhUbz18&cppv=2
Request Chain 558
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 559
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=630481314781216515
Request Chain 560
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=01aa679a-66ea-45e7-85ae-22260d991eb8
Request Chain 561
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-s7lcvRxE2uEGCUAGobSfwSAhiSEPBZ23~A
Request Chain 562
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=20b9b72d-4be5-428b-b562-110fee7c8206&ttl=1672949865
Request Chain 563
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LBCNXQNN-11-M5LE
Request Chain 564
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBE48uPn9gdwyEyL-cd3UEE&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:AEE418221A054D9EAD31DEEC64DB2D92 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D85DC2051-57CB-4AF5-8B38-9847A0099E99 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=85DC2051-57CB-4AF5-8B38-9847A0099E99
Request Chain 565
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253D5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253D5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553
Request Chain 566
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-YnyEjuRE2uGNVr39QPMXwoHzPuk7JIvFaiKrHO4-~A
Request Chain 568
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=119fxh304rxmr016n27iw03vd HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=119fxh304rxmr016n27iw03vd
Request Chain 570
  • https://idsync.rlcdn.com/403716.gif?partner_uid=119fxh304rxmr016n27iw03vd HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CITSGBIlCiEIARCakQEaGTExOWZ4aDMwNHJ4bXIwMTZuMjdpdzAzdmQQABoNCOrGvpwGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=22f29cf82c915c5ead1de3c009e71360b38d3be556355942a865de8342480748791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=22f29cf82c915c5ead1de3c009e71360b38d3be556355942a865de8342480748791426b5417dce21&rand=09535354 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=22f29cf82c915c5ead1de3c009e71360b38d3be556355942a865de8342480748791426b5417dce21&_pu
Request Chain 572
  • https://loadm.exelator.com/load/?p=204&g=1145&j=0&utid=119fxh304rxmr016n27iw03vd HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=1145&j=0&utid=119fxh304rxmr016n27iw03vd&xl8blockcheck=1
Request Chain 576
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=630481314781216515
Request Chain 578
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d460638f-a35f-4400-9851-98d66543df75
Request Chain 579
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAA5dE7HH0cAAB-zaSXqQA&expiration=1671567466
Request Chain 581
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9df05b52-8cb7-4736-91f1-9ff8b580fb5c&expiration=1701893866
Request Chain 582
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=4ebf40cec42815d8&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHwrOir2IMyAMOiKFbAAAAAAA&expiration=1670444266&is_secure=true
Request Chain 583
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=ayIzNTwiPTJwcm9hbCEmZmx1PWtwdDxqP3STfgaT
Request Chain 589
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LBCNXQNN-11-M5LE HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LBCNXQNN-11-M5LE

661 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mail.notateslaapp.com/
Redirect Chain
  • http://mail.notateslaapp.com/
  • https://mail.notateslaapp.com/
120 KB
121 KB
Document
General
Full URL
https://mail.notateslaapp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.81.93.82 , United States, ASN11042 (NTHL, US),
Reverse DNS
server.notateslaapp.com
Software
Apache /
Resource Hash
a086129b23a47d77d675cfe90d865fbd722424b7ef546fadbbc21f62924f465a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Language
en
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Dec 2022 20:17:26 GMT
Keep-Alive
timeout=5, max=500
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Language
en
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Dec 2022 20:17:26 GMT
Keep-Alive
timeout=5, max=500
Location
https://mail.notateslaapp.com/
Server
Apache
Transfer-Encoding
chunked
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
012deec03fbfd6c92c075b502ee777e094cd1a0cedb202a84cde1218b3b60fb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Dec 2022 20:17:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 18:38:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Dec 2022 20:17:27 GMT
core-legacy.style.v31.css
www.notateslaapp.com/assets/css/
38 KB
9 KB
Stylesheet
General
Full URL
https://www.notateslaapp.com/assets/css/core-legacy.style.v31.css
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f01a0e8e5c01058e2bbc279fcd2b3fd359e4f32a25da65f0f264f83f639fbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:26 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 06 Dec 2022 17:08:06 GMT
server
cloudflare
age
10130
cf-polished
origSize=55795
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BP759nG6G%2Fy%2F2nhl6wcFdsah7FmNmmxoCDjncitShJxThOyUg7%2BFubqvoSRkUfjWQ79f%2FtNhsCd0gejJcqOOyX%2FkOIHa%2F%2FrQa%2FaVRcZ6XqAICxpM8%2ByOw%2F4ivwovFUC9PVjPVG6q6H9k4maAeGjRcJOy"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=691200
cf-ray
7757b47f8d133708-MIA
js
www.googletagmanager.com/gtag/
112 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-145811549-1
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d39d3a01366249aca6ac4d2fe983cb75740baf639b367ca1e34e998bc9e3942f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44744
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 06 Dec 2022 20:17:27 GMT
nata-logo-white-1x.png
www.notateslaapp.com/assets/logo/
3 KB
3 KB
Image
General
Full URL
https://www.notateslaapp.com/assets/logo/nata-logo-white-1x.png
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45d87635b90a2f1451cc137f84467b55f4e16fecccd0789ac14021e80f625a82

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Jun 2022 15:52:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
402901
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBaeAhgmr%2BQPFNmH6aKYJhfzsKR2bmpj%2FTiFRbl3x44sV0Ktq67IUqOvYIz7CB9ZjCUowgyJA2u3y1T6nFxGHGWSzdqfHEPsmC4OTLNjkzDjojTeJsoQK1trQOaxoF5M7ZFgo0CO3mWRswP%2B9sgWia7o"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b4806e3a3708-MIA
content-length
2976
twitter-follow_27h.png
mail.notateslaapp.com/assets/networks/
1013 B
1 KB
Image
General
Full URL
https://mail.notateslaapp.com/assets/networks/twitter-follow_27h.png
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.81.93.82 , United States, ASN11042 (NTHL, US),
Reverse DNS
server.notateslaapp.com
Software
Apache /
Resource Hash
b48c93e9d4d70a823da50bb4374a41fa4dcb503f7b25f001f87d1618186d8fc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 20:17:27 GMT
Last-Modified
Thu, 08 Jul 2021 17:54:20 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=499
Content-Length
1013
facebook-follow_34h.png
mail.notateslaapp.com/assets/networks/
1 KB
1 KB
Image
General
Full URL
https://mail.notateslaapp.com/assets/networks/facebook-follow_34h.png
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.81.93.82 , United States, ASN11042 (NTHL, US),
Reverse DNS
server.notateslaapp.com
Software
Apache /
Resource Hash
e9a7941d6c42e6714514a93d70898ad8bce77e94b0ca8e4e4660a7f632da15bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 20:17:27 GMT
Last-Modified
Mon, 23 Aug 2021 21:40:29 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=498
Content-Length
1169
youtube-follow_50h.png
mail.notateslaapp.com/assets/networks/
2 KB
3 KB
Image
General
Full URL
https://mail.notateslaapp.com/assets/networks/youtube-follow_50h.png
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.81.93.82 , United States, ASN11042 (NTHL, US),
Reverse DNS
server.notateslaapp.com
Software
Apache /
Resource Hash
b64ec02c3d13558e9f2a4cb7815997cf1ebc3a7cd5c09010ae49ad333f4ec83f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 20:17:27 GMT
Last-Modified
Thu, 08 Jul 2021 17:54:21 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=500
Content-Length
2545
cybertruck-sketch_600w.jpg
www.notateslaapp.com/images/news/2022/
32 KB
33 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2022/cybertruck-sketch_600w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ddfcef0d0f263f0224c19423604a3389cd807e51b3179ccf306001f2627a0b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 06 Dec 2022 17:40:22 GMT
server
cloudflare
age
7946
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWRcTN7ZiLUaWcYfZf03lDKkV5M4LpecrLvCXkcJdPhL3NxrIcTTG5tHTbVPpnjIpW%2FVD7TB11rythUj2cxhCKl84znVoVfXdJ3vX2ORep181Tyrh%2BjNVgA%2BZ1Ta0eV4%2BA8A33lR88PbQIVCySe34CXc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b4806e473708-MIA
content-length
32991
pepsi-frito-lay-semi_600w.jpg
www.notateslaapp.com/images/news/2022/
41 KB
41 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2022/pepsi-frito-lay-semi_600w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c623a5624d528c050d94068cf2ff88a1fbf6c02afad76eaab848f2027441b97c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 05 Dec 2022 16:43:38 GMT
server
cloudflare
age
98105
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99W5bqLZY8ArM8CD54TLDuX7y%2Fq041PlqRThJDF%2BiMf6Vmjgmqr%2FXlbKj2KQdgFwUWllPw6tPklPZmksJ689p3kKDM%2BwvZCyNCjdZmkeK45iecGTAKmhOn6%2B2m7L5a1AfJyJLtph4YgL87VfRLF5BPVA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b4806e4a3708-MIA
content-length
41655
core-astro.javascript.v30.js
www.notateslaapp.com/assets/js/
35 KB
10 KB
Script
General
Full URL
https://www.notateslaapp.com/assets/js/core-astro.javascript.v30.js?lang=en
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d183dfc33d76d9c16a322cd4f10acb538c4c82859c0ba9aa072497283cd46771

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
405642
cf-polished
origSize=59506
cf-bgj
minify
last-modified
Fri, 02 Dec 2022 03:34:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SODox%2FcfF%2FwKTW8UBgKGghK%2Bjjoya5Wq8YuvzsbZU9RLB2cVizrgL2KmnXN3ni69O%2BswKfC1%2FT6ZBxAZ0PhWB3qj3Uef5aTDyzTtK6vrC32pJVUMgrctnCWctzyHRyM9ZJ%2FnBRLdmJiwP%2BGUTBg3jxaW"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=691200
cf-ray
7757b47fed993708-MIA
beacon.min.js
static.cloudflareinsights.com/
17 KB
6 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7757b4825b9db3bb-MIA
gtm.js
www.googletagmanager.com/
139 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N44BWRL
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64e1f9a13eb2d40d8090065b054877ebb0261312ad9410b4d02cbfdf5e1ee175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50935
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Dec 2022 20:17:27 GMT
ads.min.js
ads.adthrive.com/sites/6086f736fa0c1f0c8270ab14/
68 KB
19 KB
Script
General
Full URL
https://ads.adthrive.com/sites/6086f736fa0c1f0c8270ab14/ads.min.js?referrer=https%3A%2F%2Fmail.notateslaapp.com%2F
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-62.iad66.r.cloudfront.net
Software
CloudFront /
Resource Hash
fdde6efffb59a03e908934a7b20bc633cf96fcba65e7311a07cfb0407167aed7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

adthrive-bucket
beta1:ovrd
date
Tue, 06 Dec 2022 16:29:11 GMT
content-encoding
gzip
via
1.1 7154e2f13d02d1cc12281ca90f1bd47e.cloudfront.net (CloudFront)
adthrive-deployment
ade-454:pr2851:beta1:b1d93de:exp
x-amz-cf-pop
IAD66-C1
age
13696
adthrive-commit
b1d93de
x-cache
Hit from cloudfront
content-length
19374
adthrive-gdpr
false
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=86400
x-amz-cf-id
MiNQ6YuPs73jUndluLB7k1wHbahM34VVb9cg8UencTxqKWMLOg_mHA==
sun.svg
www.notateslaapp.com/assets/
4 KB
1 KB
Image
General
Full URL
https://www.notateslaapp.com/assets/sun.svg
Requested by
Host: www.notateslaapp.com
URL: https://www.notateslaapp.com/assets/css/core-legacy.style.v31.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ab504252bd43e2d4e7e46f8803b78730844a06811d8310ccf5c4a1f6a632bc2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.notateslaapp.com/assets/css/core-legacy.style.v31.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Sep 2021 16:40:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2719
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hm18%2Bll4pCcgSctVzkFPSdY8uf21Eal4v647MWYmB0AGgYiFw5FMhYMJqglywUiN6LKy57mpXN4DidcqGjkikYUUpKDvdCYpMKe9CTXTgU0d%2F1ZvbSfm4EwkWoYott7OSzPEc8UQV2o996Wr%2BAv5RbCy"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=691200
cf-ray
7757b4808e633708-MIA
globe.svg
www.notateslaapp.com/assets/
12 KB
4 KB
Image
General
Full URL
https://www.notateslaapp.com/assets/globe.svg
Requested by
Host: www.notateslaapp.com
URL: https://www.notateslaapp.com/assets/css/core-legacy.style.v31.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7d8253f6f58346b39bd0d7cc84577d7d161e0d399958d7d8330c21503c8f659

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.notateslaapp.com/assets/css/core-legacy.style.v31.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Oct 2020 18:18:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
405642
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9Zivz%2F6y5aKenvGjWEkPxRcvpfDSVw%2FVfjk6716%2FkxMI6BWh5f3FOOu3RhpWrSvcGqykuWMUEvrpbZTw7C2o7oEkl1KsI6rT9McRMDA6ExkERpf1Ss%2FTkaVAwzv16wQTQIKWRPdtgg4bCBO2xs0nKYb"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=691200
cf-ray
7757b4808e643708-MIA
search-icon.svg
www.notateslaapp.com/assets/
1017 B
836 B
Image
General
Full URL
https://www.notateslaapp.com/assets/search-icon.svg
Requested by
Host: www.notateslaapp.com
URL: https://www.notateslaapp.com/assets/css/core-legacy.style.v31.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca936bede032e6142754d7011cbcb69c61a773d8ed6808b69e48e8966eaf08dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.notateslaapp.com/assets/css/core-legacy.style.v31.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Jun 2022 16:11:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
405661
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0C8N2mBCVN2mPDhjDZBqe2edHEEL7YthEE%2BRVspVMvSdZsUikucz8SArcYdwSwRo8I1Sjx1rH8w%2BzAtIdc5J7MGbNVhNNpTXdGv8POq1yZq4jYpQbA3hiiWu%2Fgk2wyw32ORfHv5witf97M3uLpXpkn%2BL"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=691200
cf-ray
7757b4808e653708-MIA
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.notateslaapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:52:16 GMT
x-content-type-options
nosniff
age
91511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 18:52:16 GMT
tesmanian-model-3-floor-mats.jpg
www.notateslaapp.com/assets/
6 KB
6 KB
Image
General
Full URL
https://www.notateslaapp.com/assets/tesmanian-model-3-floor-mats.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ffea0183b834d347c79b3412d50d324905390597ef446f2ffe5a8bee4771771

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 16 Sep 2021 20:37:55 GMT
server
cloudflare
age
403561
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHg1FaalbbppojiIesukZOEosu0ALaM%2BhKFahudu8SgoineNc02mHh%2Fz%2FTcjZdV4Jh0lnoCp%2BCKlwdzrLuDS0vaqnaAjSMFbtmdEALq2Uu1ICGDJUfBuZEEhoT08r%2BFtkI8l4dJobCSgDadgdSOpphNO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b4813f363708-MIA
content-length
5871
advertising.js
www.npttech.com/
6 KB
3 KB
XHR
General
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8XJ3WR3QDC9GRJWF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
llK5OhzPWR2sXXOZx7GOLth6SerdZEOnmS0gVz3VftCo5wqQ9DTNq+z4dGIrKeIu8yo53M6pSd0=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhoD3qSK3Oye5fJVCByQuPizZ%2FhjAFyAoB8VrpdotCOltwhUw6pSNQqaWMkL4%2FKyKsOwVGgKZYKYtaWsbqXpkeqYMOms6vR21EXcB9RRBCgJ0XgiD5NGHBIihDKvwTsiCxMEdVQNyYUjdFDKWTw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
7757b4828b02098e-MIA
supercharger_600w.jpg
www.notateslaapp.com/images/news/2022/
32 KB
32 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2022/supercharger_600w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cf34af461fc092e689872d8478010c5cf0c6cf74ada86888ac6298e69863191

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sun, 04 Dec 2022 21:43:09 GMT
server
cloudflare
age
167428
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=me0Mll%2B70K8zelPNuNKqqTgY5w38bOnVnoq9N8ZRWa3ZwxAh2AGYqJiWuBVOcA8jtD8SuYonI63fzkbVvIEReFl8NHjvfALKrPA5JH%2FffKuoT3V8kSCz%2BelWPIWat9N2%2Fni80ps5PFU2XJ8peVwi6wjW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b48218723708-MIA
content-length
32895
2022.44.2-Camera_Based_Detection.png
www.notateslaapp.com/images/2022.44/
11 KB
11 KB
Image
General
Full URL
https://www.notateslaapp.com/images/2022.44/2022.44.2-Camera_Based_Detection.png
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8853431096e07712f289b84fe13b98ed2bba0b31f6b1a925f99b7dc66a0db7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
last-modified
Sat, 03 Dec 2022 13:25:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
279670
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KCHLgL3JIKHHSjVtnpWVeA0ocuJNxrQ86Vdz14oVyqxcYXoYBd3oTHVYgoc2u3NdNuGGzAWJn7x9cMUwsfdtBl9sCE5AID3cRurHUnjrOnKhTWGW8wWdltlIlkSjd14E0HyT2%2BvX7OBg6m6JBiy3mLQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b482287b3708-MIA
content-length
11065
roadster_600w.jpg
www.notateslaapp.com/images/news/2022/
51 KB
51 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2022/roadster_600w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76ca2dc0dbb8c6e53c1cc799427fec7581c7d3a0276d19782da2ce12196482ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 02 Dec 2022 19:08:28 GMT
server
cloudflare
age
349093
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0DgbgWEJSmFIbpMZ7YmXq6HeuP95kl9gtbb3l6gwRlJzsyXkBLdfIcUffL%2BoBrq0EzXiiHnt2jRwNiveNF0fZ8z56pmlp0pvjIJXLrTzr1drxvpq0Xgg%2FmwuDpGvAcUTmoOCPEa4nvosJ1MbBHj4vLj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b482287d3708-MIA
content-length
51857
model-3-3_600w.jpg
www.notateslaapp.com/images/news/2022/
27 KB
27 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2022/model-3-3_600w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0733a93cc1a710f3da6ae1a8608ae13a6b3cdd375ae1ee495d8cdc68884995c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 01 Dec 2022 16:42:08 GMT
server
cloudflare
age
442862
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c70Ggo0QY7G4AoykK15FC419Bi5rd8n1VDzH4tP%2BmonrcRTeEbbQ51pOmoDKSwH0CWQNchxMk7npMe2tobRUKVGH47qTWDWkxhoT0KO7GarnAbQ67E%2FQ1fAvTEmfaebBB%2Bh%2FQ4bwW5PRSdRgOItGKSs3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b482287e3708-MIA
content-length
27681
sentry-mode-2_600w.jpg
www.notateslaapp.com/images/news/2022/
27 KB
27 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2022/sentry-mode-2_600w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecd64bf37603bb64f51992b53fb4291f31fff619c7e16021ab2e5a89b174e9b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 30 Nov 2022 15:42:07 GMT
server
cloudflare
age
15230
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKpM8SHqHLxBs%2BvKU2Fb3EBRMpus3oCSN3ecWpIDoNqPogGcQeZVAff8iRxq2i4XhXUYudzk10NWrB4upjdOxEwRLPC%2BagIWcd6kosnm5l4eTHZKzUckuWotMJ2V3J0CqbKDPPHc3ZoZUtnAHzu%2F6tO8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b48228803708-MIA
content-length
27695
release-notes.jpg
www.notateslaapp.com/images/tesla-app-updates/4.15/
57 KB
57 KB
Image
General
Full URL
https://www.notateslaapp.com/images/tesla-app-updates/4.15/release-notes.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f824ef0ce7a02baeb3e27e2eea5e3940d6616cb477db67e4514f6cc66d01d656

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 29 Nov 2022 15:23:27 GMT
server
cloudflare
age
99395
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlGgVn%2FMVol0PdgaLt9lVSax6ilkZYMnlGfDi4Vt5B2lE3ZynQkUUwLqVFTNnITDpcPYXOtNnurel0EECg5KkKWV7QcRSDNObjsdUij%2BrJRH5FL%2BOUZGyIcaySVt3Batbmgm%2FnFHY%2BBY5OOs%2BCgqCovb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b48228823708-MIA
content-length
58140
dolby-atmos_600w.jpg
www.notateslaapp.com/images/news/2022/
20 KB
20 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2022/dolby-atmos_600w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da53c29d865773a7d8c593a900c28867aecc14ed65788ed544867b2442a4dc08

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 28 Nov 2022 19:37:26 GMT
server
cloudflare
age
71382
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0CMTQ60LOatF9qyCNAIv8PW%2BAOe8tD0N8vWlIbaVhOrv0qOF8KpwSTyZ51rue4MrTwDuPpJOfbTyYAqOlJKsD%2FQYAHz1mTqKuuZuLDS0ecCuJHZGyObmDFpA5FcihHNOYhavxxEPCOa7BiTq416OTIr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b48228853708-MIA
content-length
20631
auto-high-beams_600w.jpg
www.notateslaapp.com/images/news/2022/
13 KB
14 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2022/auto-high-beams_600w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a49397e0fa8a773e383a4eb11dce7c71ba3a6e537a257c465fda3dbba4273a9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sun, 27 Nov 2022 20:52:47 GMT
server
cloudflare
age
245185
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPsIIj%2FfQuEg3ar7g0VREHVPKK3boSW4ECJJ%2F2X97W%2BbfsPRctHEjk3orTYTNu%2FgHefyctTS6kCIfkRFQXeAtpuXm4SJkEcnIhoT0%2BeiW%2B25M4OP3lR%2BkiI37JM%2FpJPOYbt2t%2Bbwj4JGRfwT5IGyR9Jo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b48228883708-MIA
content-length
13679
thai-language.jpg
www.notateslaapp.com/images/2022.44/
59 KB
59 KB
Image
General
Full URL
https://www.notateslaapp.com/images/2022.44/thai-language.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bccdb3a5c7cee62fcf847cf429062e56d43d87bb9ff51b47ac356814a98b1891

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sun, 27 Nov 2022 04:11:44 GMT
server
cloudflare
age
315106
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xv1SyLyrcw8vsg9NjA4P%2BC5XFMaJDOHKhwN8TWEGrPjyqeG4VhYGWxMvDk3k9eBLZ9%2FWukRkZROlGQr1ijC931ZEU%2BkGOHcGtxa65RnAmdnyAU3uT4NlrHXp8vXLQaLEV%2BY8uIF8OEeOz0wLz1wv3Eet"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b48228903708-MIA
content-length
60157
tesla-supercharger2_600w.jpg
www.notateslaapp.com/images/news/2022/
43 KB
44 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2022/tesla-supercharger2_600w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed3f733ee5f1ba624aa0c053a88a0b56a3c2933b40a7ae35dfe2febe545a1d33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 25 Nov 2022 16:31:18 GMT
server
cloudflare
age
394692
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkXIqBdwzxR4SfNQ3G7KC6xsb3Tk7KMiBAdNLDTLb%2F%2BI1ApDF1s8ZuQDjEWVRIqnCpBJp0yh3HZj2GDczeOHBO8j2zEbS5QuC%2B%2FElyaIPr2a33IkcHYOZULS9V01kFWKI2%2Bai2Jv9hve8vvI4jUtOTD7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b48228943708-MIA
content-length
44466
fsd-beta-10.69.3-1_600w.jpg
www.notateslaapp.com/images/news/2022/
24 KB
25 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2022/fsd-beta-10.69.3-1_600w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a218c62d93bca75cc9bfc9c27554e7d0abb82aa40f685ed386b392ab483f1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 03 Nov 2022 19:30:55 GMT
server
cloudflare
age
380364
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbog7Apiiz9jNZcTTA6We%2F2ouVWncGCe78bxvun5%2BrMXjm45LixuriXQe8Rp3yZoMkbzxZg9zkoHFhAZbp59KNVM5zS7tNWqyAG1NYvJetpnRqqxHkGA9ug1V%2BXhPCCOa1VQoJorOQaQebWwzYR05yid"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b48228963708-MIA
content-length
25087
hardware-3.0_600w.jpg
www.notateslaapp.com/images/news/2022/
44 KB
44 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2022/hardware-3.0_600w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2007ae6d477f93f9e68194fcd9290851eadc66952a2f1f4502418dbf85586f8c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 23 Nov 2022 17:20:37 GMT
server
cloudflare
age
370744
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKzkBAiKk3r64w2LJlaD73K6PVKBDfCexeeoi5QC70WGG0b3jT3eK%2BPbue04NsfNl%2Bgz0DevDaJ%2F4FGRsC0wHBS2ry%2B3BsX9KTdggoOlHO5DLSls7FgL9csPrIHQv1JUKQwCCHteuNB9b1iAdZUsxeMm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b48228983708-MIA
content-length
44556
tesla-app-referral_600w.jpg
www.notateslaapp.com/images/news/2022/
26 KB
27 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2022/tesla-app-referral_600w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c238eb527c695f90f0a3033141eb25fa47361335c4c33fb71aefb668e4a947

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 22 Nov 2022 18:09:21 GMT
server
cloudflare
age
438535
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQoeIXdsK0eR00Wl6TVZl8WVDzw5gYkIy1arlbzqXM6tYB5Z8kKRFU0QpSwNm0qvXrqXAHkKcwciih1LWGZvjd57mSECCabvjWYMbHwsSk80Gso8YVQYS3mq9AkhZ%2FnKi%2BwmkM08W9u%2B7YeWCVXVSyCg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b48258e43708-MIA
content-length
26723
fsd-beta-19.69.2.2_600w.jpg
www.notateslaapp.com/images/news/2022/
15 KB
16 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2022/fsd-beta-19.69.2.2_600w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e8683f4e4185008ddc87fc82f4c7a74a8b7b334e8d5d16e61e74fc6c94fd476

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 20 Sep 2022 14:44:20 GMT
server
cloudflare
age
380364
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eH1xcCdbp%2FuRGTISqh%2F6yvereb7u6dZIZbCOEYBXxtSoO5tfgmg16yFLQK3iMyiwaWmoI7xUL%2Fh42MhsPJsgVEILAHkhUvI%2FTMbRdANKg2KtvMgaNC22geOZPry3uji5ucXcpqq3H%2BEeBsM10SHgieNf"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b48258e73708-MIA
content-length
15601
apple-music-release-notes2_600w.png
www.notateslaapp.com/images/news/2022/
12 KB
12 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2022/apple-music-release-notes2_600w.png
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ecc43c58663f0215c7ed6419a0229898134712d2c6abcccc7f7155e897bcd30

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
last-modified
Mon, 21 Nov 2022 18:09:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
390446
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QH%2BVTYIKDxmdac2dF9RzalgJ8aOdbCTkYLu3AuSyUWCQ%2F%2BqXUX8YWthIU2ljEYbd3z9s0aOTSnmOEUXEvG%2B6HxF6tAq85fxcH74UUvLqL%2FCL5fnRwltIpanKJolGCRFSZnVOLvF0%2F1EhkJGIm60u%2Bdtb"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b48258e93708-MIA
content-length
11816
fsd-vis-arrows_300w.jpg
www.notateslaapp.com/images/news/2021/
6 KB
6 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2021/fsd-vis-arrows_300w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1aee9e3d46dfe7acd78b5a549cda6060dcd511d78964eb27bd61b6aa6e2543

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 24 Aug 2022 18:21:43 GMT
server
cloudflare
age
94948
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCCdVE8FNl65xydk9a6gKv05FCJ8rNuxyw4%2BWPDm%2FRl1dHL6yR%2FKY%2B5knJg7ZorMWxDv5wEBS972xxw2E9iGpSlDK8VO4e4ozJw5DWaUoJQzAEC4SoQsKPTOdbQkOyc514M5BGXsP%2FEU7ikyh2wg0Q%2F7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b48258ed3708-MIA
content-length
5846
quick-tips_300w.png
www.notateslaapp.com/assets/
6 KB
6 KB
Image
General
Full URL
https://www.notateslaapp.com/assets/quick-tips_300w.png
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
750c2ae6c0bf1ddc92ecbaffc384e130eaaf2d9644afb1ea23e591e435fd124a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
last-modified
Fri, 07 May 2021 00:22:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
400499
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sy51JM0VuxtFv3%2FyRsnWnwrlxOhA68sEXexw7h0b8Ue%2BRZl%2FjVQHSKIctVATvGW6M4qU%2FUAo7rheW4pnn4sWEwaZ7jjKomJ9Vapmh%2BTW7N8BV8YnBiwWmjcZm8ypzBpMdL7qB8cU8m3HexJLXiFN7dNl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b48258ee3708-MIA
content-length
6128
vision-ai_300w.jpg
www.notateslaapp.com/images/news/2021/
21 KB
21 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2021/vision-ai_300w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b9f5b9742919378d508f715482b14a3f224e2e57f171685cd39399df95a4a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 24 Aug 2022 18:21:17 GMT
server
cloudflare
age
419951
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sk%2F5paTYl5NUf9pnuT4AfG%2FbNGddZdNUibzMzyEuaduRhYRrz73awMHyOa9YlxWkSRVQGfPUoGRKwG6KFKsr9x12y%2BlARFopp9VCCbyB1EBnLaug4faWrvIGwTxfJKnCffkFVV5%2Bl65gDoH64ULsWA1B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b48258ef3708-MIA
content-length
21398
pixel
cm.g.doubleclick.net/
170 B
502 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
controllers_300w.jpg
www.notateslaapp.com/images/news/2021/
13 KB
14 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2021/controllers_300w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
324cb371edc9405f2a2c55d89248ada90510a42bf3d1b24abe575614b0bc7ac5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 24 Aug 2022 18:20:29 GMT
server
cloudflare
age
13892
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdvOaUzIfx78gvneBRRLOBHgnR3nfMycD1vXAPHqWI8ZpBuNA6T%2FjUXPnX9oUpEMuVMo55flUUJyYHw3HPN%2FgKqmZDMnJTxZw4RtGBoBI7axSNeFTQbGsomeCdxUYJ4nnZa3pQQmBJnrUTVMP0Onrt24"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b482a95f3708-MIA
content-length
13684
model-3-team_300w.jpg
www.notateslaapp.com/images/news/2021/
14 KB
15 KB
Image
General
Full URL
https://www.notateslaapp.com/images/news/2021/model-3-team_300w.jpg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27af37e8eb64d3543696753181b83f0867cf2f9ddc3f51a7c4b3c03237c36dfb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 24 Aug 2022 18:22:03 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5IWBu7qs5PXxx35%2Bd0uVom7wTsqvimG3MYLao81FeoYYrl1kq%2BfNZvZWV8pRXN4VaFbnXzL2a6LbGswHWy5ub1bFQNvzL3zD4tVwGQjRpHcM0gPVfjuwJfSxf5DDy%2BouFt0x7lrwkKPFfWnEU4mD76Q"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
7757b482a9633708-MIA
content-length
14679
marmalade
ads.adthrive.com/api/v1/
6 KB
2 KB
Fetch
General
Full URL
https://ads.adthrive.com/api/v1/marmalade?siteid=6086f736fa0c1f0c8270ab14&url=https%3A%2F%2Fmail.notateslaapp.com%2F&deliveryFeatures=rubiconFloors,recencyFrequency,prebidLoad,gptLoad,amazonLoad
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/6086f736fa0c1f0c8270ab14/ads.min.js?referrer=https%3A%2F%2Fmail.notateslaapp.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-62.iad66.r.cloudfront.net
Software
/
Resource Hash
0d232bf370ad37e90f5c08dc82e1f1ec0c50f604a5cfd9235608178a350c69de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:28 GMT
adthrive-is-ios
0
content-encoding
br
via
1.1 0c9c133650294ca2485db2f5e74b2d10.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-amzn-requestid
860bfc3b-7571-4f42-8b5b-3f231b798a2e
x-amzn-trace-id
Root=1-638fa357-2ab7892416a26e3350052764;Sampled=0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-apigw-id
cvZ1wFIHIAMFf6g=
x-amz-cf-id
TlJGu7SuBNJWAq7SDA15D4AXrwTCmJRLqaHumJGAXnVtqjI1ras0gg==
adthrive-is-chrome
1
apstag.js
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain
  • https://c.amazon-adsystem.com/aax2/apstag.js
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
178 KB
39 KB
Script
General
Full URL
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Server
2600:9000:20aa:6800:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:01:01 GMT
content-encoding
br
via
1.1 c8c9787916110356915bbdbddd0a32d6.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 20:51:49 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C2
age
988
x-amz-server-side-encryption
AES256
etag
W/"fa24fe2b94a2fc864b1ec67f32e8db32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
pFyfAidB6iOO5Nfp1yccOpTfSp3CQXXDQ6fr-kDiuXidZeypDuHSCw==

Redirect headers

date
Tue, 06 Dec 2022 07:18:11 GMT
via
1.1 4eed67f4be7da2537d3407735b8962a8.cloudfront.net (CloudFront), 1.1 f9efe5e72b7e5cc47bf34a0b0debcbe2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD55-P4, IAD89-C1
age
46756
x-cache
Hit from cloudfront
content-type
text/html
location
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length
167
x-amz-cf-id
pAvt18FvihaYF8T8c_8qnGMprgOi45yjCMXjAZCFUXCHJb7nSNjH1w==
gpt.js
securepubads.g.doubleclick.net/tag/js/
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/6086f736fa0c1f0c8270ab14/ads.min.js?referrer=https%3A%2F%2Fmail.notateslaapp.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98902d7ab19b23572a22a8c8d6bc11621959c5aae6b531af933cc6f437c8a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27544
x-xss-protection
0
server
sffe
etag
"1414 / 724 of 1000 / last-modified: 1670328320"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Dec 2022 20:17:28 GMT
prebid.min.js
ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/
488 KB
131 KB
Script
General
Full URL
https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/6086f736fa0c1f0c8270ab14/ads.min.js?referrer=https%3A%2F%2Fmail.notateslaapp.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-62.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9f85a44a1f63d0eba65f1f0030e46b0324b9909227093716782590c24d9ca54

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id
3l3DHNs7I0UB7AMKX43tYkKoxiQNh8mv
content-encoding
br
via
1.1 7154e2f13d02d1cc12281ca90f1bd47e.cloudfront.net (CloudFront)
date
Tue, 06 Dec 2022 20:07:00 GMT
last-modified
Tue, 29 Nov 2022 18:50:08 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
age
628
etag
W/"a1e77daa27c6f1ab59dd7cf810d4620d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
dI8xm3O_h0I6NLxqCEfKq7rzZDtNnGzY3Le-QxLI89lANZ14JYNLZA==
mail.notateslaapp.com
ads.adthrive.com/api/v2/host/floors/
1 KB
684 B
XHR
General
Full URL
https://ads.adthrive.com/api/v2/host/floors/mail.notateslaapp.com
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/6086f736fa0c1f0c8270ab14/ads.min.js?referrer=https%3A%2F%2Fmail.notateslaapp.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-62.iad66.r.cloudfront.net
Software
/
Resource Hash
ac0b1c6b0149f9c0a7aa1ffed5cbfa820b55fc53877602a63eb194f0a05ed876

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
content-encoding
br
via
1.1 0c9c133650294ca2485db2f5e74b2d10.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-amzn-trace-id
Root=1-638fa357-592045ca4fb35fa21186184e;Sampled=0
x-amzn-requestid
d069e1cf-7a96-4ea6-a904-0f7da45e4cdb
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-apigw-id
cvZ1vFtLIAMFivA=
x-amz-cf-id
_BqCVdctMEkH_0bqZ9rVl0VTBSaJlO4VseNLpFY79HS65wCUf3L70w==
adthrive.min.js
ads.adthrive.com/builds/core/b1d93de/es2018/js/
510 KB
124 KB
Script
General
Full URL
https://ads.adthrive.com/builds/core/b1d93de/es2018/js/adthrive.min.js?deployment=ade-454:pr2851:beta1:b1d93de:exp&deliveryFeatures=rubiconFloors,recencyFrequency,prebidLoad,gptLoad,amazonLoad
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/6086f736fa0c1f0c8270ab14/ads.min.js?referrer=https%3A%2F%2Fmail.notateslaapp.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-62.iad66.r.cloudfront.net
Software
CloudFront /
Resource Hash
02a6f7da76faf52a90feea9f610183f8ca7bd7b20a74d41ad27283d945eacc1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 17:07:19 GMT
content-encoding
gzip
via
1.1 7154e2f13d02d1cc12281ca90f1bd47e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD66-C1
age
11408
etag
"d8e0067747acaf2d799a39f1dba59687"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, s-maxage=86400
content-length
126918
x-amz-cf-id
-WO_UxTMT8P9wUp-u9wwIBlArcOXE7EYx2jgeut5lgWp8AGqo3aW5A==
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-145811549-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44BWRL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6baaf2ed0cf38621a11accc672354b46749f170d2f86ec68a7755f5e4a541bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43666
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 06 Dec 2022 20:17:27 GMT
js
www.googletagmanager.com/gtag/
213 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TK8ZNSHLTK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145811549-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f1c61b6de3184d65406f0c14cdc677634057a33f6f63c73db1a90de10452fcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76266
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 06 Dec 2022 20:17:27 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145811549-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Dec 2022 19:46:25 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1863
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 06 Dec 2022 21:46:25 GMT
topics.html
ads.adthrive.com/builds/core/b1d93de/html/ Frame C3AB
3 KB
2 KB
Document
General
Full URL
https://ads.adthrive.com/builds/core/b1d93de/html/topics.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/es2018/js/adthrive.min.js?deployment=ade-454:pr2851:beta1:b1d93de:exp&deliveryFeatures=rubiconFloors,recencyFrequency,prebidLoad,gptLoad,amazonLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-62.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5eacfbef6e883869dcd7bed5e4891901909e463e88fca88ce67e9c90018666f

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
598
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 06 Dec 2022 20:07:31 GMT
etag
W/"1661ff0474b820ed2e9fbc7cd72a6c9a"
last-modified
Tue, 29 Nov 2022 18:53:51 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 7154e2f13d02d1cc12281ca90f1bd47e.cloudfront.net (CloudFront)
x-amz-cf-id
qRjkoGejr25WjXhPBqjjefWjlH3C-2cw_NXu_p9IIVbsCerUPklAlg==
x-amz-cf-pop
IAD66-C1
x-amz-version-id
33_7hKga7S.OKOEC9.DfpWg666fgMoLE
x-cache
Hit from cloudfront
web-vitals.umd.js
unpkg.com/web-vitals@2.0.1/dist/
5 KB
2 KB
Script
General
Full URL
https://unpkg.com/web-vitals@2.0.1/dist/web-vitals.umd.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/es2018/js/adthrive.min.js?deployment=ade-454:pr2851:beta1:b1d93de:exp&deliveryFeatures=rubiconFloors,recencyFrequency,prebidLoad,gptLoad,amazonLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd32ac808b323ce6c8560cba52ebba764864c69205de549821a41e1c21cbe51d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5296662
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GEPP2TM58NJQ2NPH8MZC9A0J-mia
server
cloudflare
etag
W/"1220-Y/lmqcg3C3bYppxzEKe5wnkwNMc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7757b4880f94dad5-MIA
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-TK8ZNSHLTK&gtm=2oebu0&_p=1721253892&cid=355545597.1670357848&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670357848&sct=1&seg=0&dl=https%3A%2F%2Fmail.notateslaapp.com%2F&dt=Tesla%20News%2C%20Latest%20Software%20Updates%2C%20Tesla%20Rumors%20and%20Tips&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TK8ZNSHLTK&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022120101.js
securepubads.g.doubleclick.net/gpt/
384 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 20:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133241
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 09:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Dec 2023 20:28:51 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
145 B
121 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mail.notateslaapp.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6fa599a5cb872729a9d1a6adc3dbad43ef54806e6ea4881ba799b300174fb956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:17:28 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1721253892&t=pageview&_s=1&dl=https%3A%2F%2Fmail.notateslaapp.com%2F&ul=en-us&de=UTF-8&dt=Tesla%20News%2C%20Latest%20Software%20Updates%2C%20Tesla%20Rumors%20and%20Tips&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1839449117&gjid=1814472040&cid=355545597.1670357848&tid=UA-145811549-1&_gid=1002999196.1670357848&_r=1&gtm=2oubu0&z=1091954469
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.37.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-37-223.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
x-amz-version-id
vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding
gzip
via
1.1 7b32163caf7e91fe96df7bbeaa58c0f8.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1
x-cache
Miss from cloudfront
last-modified
Fri, 18 Nov 2022 03:05:15 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
QMEZIMpnx8BW4nbHxu2CLkCqJEHdyYvCQ0WY24WsCtkbceoS2UaOKA==
event
logger.adthrive.com/
21 B
466 B
XHR
General
Full URL
https://logger.adthrive.com/event?siteId=6086f736fa0c1f0c8270ab14&siteName=Tesla%20Software%20Updates&bucket=beta1%3Aovrd&branch=b1d93de&deployment=ade-454%3Apr2851%3Abeta1%3Ab1d93de%3Aexp&message=Context%3A%3AsessionLogger&pageurl=https%3A%2F%2Fmail.notateslaapp.com%2F&body=%5B%7B%22gaCookie%22%3A%22GA1.2.355545597.1670357848%22%2C%22gidCookie%22%3A%22GA1.2.1002999196.1670357848%22%2C%22sessionId%22%3A%2201GKMHC4AC8WZPTG7R81MC0H70%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.94%20Safari%2F537.36%22%7D%5D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/es2018/js/adthrive.min.js?deployment=ade-454:pr2851:beta1:b1d93de:exp&deliveryFeatures=rubiconFloors,recencyFrequency,prebidLoad,gptLoad,amazonLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-89.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
via
1.1 3a7c02063c5f3d8ad13db0f8e016ccc2.cloudfront.net (CloudFront)
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
content-length
21
x-amz-cf-id
bEEntQu-QALQxEmLccTU-7bx9KubXZA3OLeZnHGKtmpFw8hIK4ROsg==
Cypuij8J
cdn.jwplayer.com/v2/playlists/
44 KB
6 KB
Fetch
General
Full URL
https://cdn.jwplayer.com/v2/playlists/Cypuij8J
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/es2018/js/adthrive.min.js?deployment=ade-454:pr2851:beta1:b1d93de:exp&deliveryFeatures=rubiconFloors,recencyFrequency,prebidLoad,gptLoad,amazonLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20aa:8600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
5d4297f01b263a00e5bc7810ffc0db0b0258e22628084be636c5c6282bf8eb02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:16:36 GMT
content-encoding
gzip
via
1.1 c307613fe3146dad6950808dc74f82f6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
IAD89-C2
age
52
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
5737
x-amz-cf-id
6XqxWqKDvuiqi8yaAOgAMzbR_HAIBojxHP5ie-hG8-GMmCxnV1nz7w==
expires
Tue, 06 Dec 2022 20:19:36
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/es2018/js/adthrive.min.js?deployment=ade-454:pr2851:beta1:b1d93de:exp&deliveryFeatures=rubiconFloors,recencyFrequency,prebidLoad,gptLoad,amazonLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-45.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 03:21:22 GMT
content-encoding
gzip
via
1.1 70e06614c0a8446cd4a80ab3436628d4.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C2
age
60966
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
3LDBdpbQvsuKMii39eioTULequGaQDn9D0Nw7lUP7k_FdxwWXjlGAw==
config.js
cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/
209 KB
46 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/es2018/js/adthrive.min.js?deployment=ade-454:pr2851:beta1:b1d93de:exp&deliveryFeatures=rubiconFloors,recencyFrequency,prebidLoad,gptLoad,amazonLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e90ac55ec00d8912f79ccad5b0441f1bb4a87162b9b5b149098c8250e62071be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Dec 2022 20:02:08 GMT
server
cloudflare
x-amz-request-id
4Q4S2ETMMT9Y6TN3
age
300
etag
W/"e21295e6c0d275b4cffa3a49b636ac26"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7757b489accc6dad-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
iHZRwBTa722wjcXbe63+1R3BWlXozLZS2td/gN5NSrk5fRRTpmvLHK0yTI8xYYwZ3cjszDc95Zg=
event
logger.adthrive.com/
21 B
482 B
XHR
General
Full URL
https://logger.adthrive.com/event?siteId=6086f736fa0c1f0c8270ab14&siteName=Tesla%20Software%20Updates&bucket=beta1%3Aovrd&branch=b1d93de&deployment=ade-454%3Apr2851%3Abeta1%3Ab1d93de%3Aexp&message=VideoManagerComponent%3A%3AnoStickyPlaylistOrSekindo&pageurl=https%3A%2F%2Fmail.notateslaapp.com%2F&body=%5B%7B%22vendor%22%3A%22none%22%2C%22device%22%3A%22desktop%22%2C%22isDesktop%22%3A%22desktop%22%7D%2C%7B%22abgroup%22%3A%7B%22wvtls%22%3A%22on%22%2C%22tpcapi%22%3A%22on%22%2C%22amzn_hold_load%22%3A%22off%22%2C%22flr%22%3A%22rubi%22%2C%22flrdt%22%3A%22none%22%2C%22clsins_ss%22%3A%22true%22%2C%22ebho%22%3A%22yieldmo_ebda%22%2C%22loglevel%22%3A%22off%22%2C%22idho%22%3A%22off%22%2C%22lzhb%22%3A%22on%22%2C%22lzcvp%22%3A%222%22%2C%22lzbpvp%22%3A%220.75%22%2C%22tripleliftdr%22%3A%22both%22%2C%22magnitedr%22%3A%22client%22%2C%22pbs2s_appnexus%22%3A%22off%22%2C%22pbs2s_grid%22%3A%22on%22%2C%22pbs2s_gumgum%22%3A%22off%22%2C%22pbs2s_openx%22%3A%22off%22%2C%22adt%22%3A%220%22%2C%22ito_ds%22%3A%222800%22%2C%223pho%22%3A%22none%22%2C%22vebho%22%3A%22medianet_ebda%22%2C%22cbt%22%3A%220s%22%2C%22vast_to%22%3A%2210s%22%2C%22proto%22%3A%22all%22%2C%22pbm%22%3A%22on%22%2C%22reqTo%22%3A%2210%22%2C%22vadv%22%3A%22on%22%2C%22smhd100%22%3A%22off%22%2C%22smad300%22%3A%22on%22%2C%22dcsll%22%3A%22off%22%2C%22jwb%22%3A%22on%22%2C%22s2sbuff%22%3A%22300%22%2C%22coldr%22%3A%22both%22%2C%22rmos1%22%3A%22off%22%2C%22socon%22%3A%220%22%2C%22dco%22%3A%22relaxed%22%2C%22mxrpog%22%3A%225%22%2C%22dajto%22%3A%22off%22%2C%22vpred_1%22%3A%2290%22%2C%22crtvmon%22%3A%22off%22%2C%22pba%22%3A%22none%22%2C%22amzn_hold_disp%22%3A%22off%22%2C%22bmetrics%22%3A%22on%22%2C%22confiant%22%3A%22prod%22%2C%22cnfep%22%3A%22on%22%2C%22refvidflr%22%3A%221%22%2C%22socbe%22%3A%22sovpct2%22%2C%22logcls%22%3A%22off%22%2C%22rebuildslot%22%3A%22on%22%2C%22upl%22%3A%22off%22%2C%22sekho%22%3A%22off%22%2C%22sospp%22%3A%22on%22%7D%2C%22pubab%22%3A%7B%7D%2C%22sess%22%3A%2201GKMHC4AC8WZPTG7R81MC0H70%22%2C%22pvk%22%3A%2201GKMHC4ACP2NW24G3NES42JG8%22%2C%22hbho%22%3A%5B%22conversant%22%2C%22nativo%22%5D%2C%22vbho%22%3A%5B%22telaria%22%5D%2C%22lmdv%22%3A%221.13.0%22%7D%5D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/es2018/js/adthrive.min.js?deployment=ade-454:pr2851:beta1:b1d93de:exp&deliveryFeatures=rubiconFloors,recencyFrequency,prebidLoad,gptLoad,amazonLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-89.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
via
1.1 3a7c02063c5f3d8ad13db0f8e016ccc2.cloudfront.net (CloudFront)
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
content-length
21
x-amz-cf-id
GIozMjijmEKV2hRO4d9JLZLDtB2KEI7ReBKuaJ2Z2Ysa8nVjZVL6Iw==
event
logger.adthrive.com/
21 B
480 B
XHR
General
Full URL
https://logger.adthrive.com/event?siteId=6086f736fa0c1f0c8270ab14&siteName=Tesla%20Software%20Updates&bucket=beta1%3Aovrd&branch=b1d93de&deployment=ade-454%3Apr2851%3Abeta1%3Ab1d93de%3Aexp&message=BaseDynamicAdsInjector%3A%3A_logDensityInfo&pageurl=https%3A%2F%2Fmail.notateslaapp.com%2F&body=%5B%7B%22onePerViewport%22%3Atrue%2C%22combinedMax%22%3A22%2C%22targetDensityUnits%22%3A5%2C%22targetDensityPercentage%22%3A0.2%2C%22mainContentHeight%22%3A5826%2C%22recipeCount%22%3A0%2C%22numberOfEls%22%3A36%7D%2C%7B%22abgroup%22%3A%7B%22wvtls%22%3A%22on%22%2C%22tpcapi%22%3A%22on%22%2C%22amzn_hold_load%22%3A%22off%22%2C%22flr%22%3A%22rubi%22%2C%22flrdt%22%3A%22none%22%2C%22clsins_ss%22%3A%22true%22%2C%22ebho%22%3A%22yieldmo_ebda%22%2C%22loglevel%22%3A%22off%22%2C%22idho%22%3A%22off%22%2C%22lzhb%22%3A%22on%22%2C%22lzcvp%22%3A%222%22%2C%22lzbpvp%22%3A%220.75%22%2C%22tripleliftdr%22%3A%22both%22%2C%22magnitedr%22%3A%22client%22%2C%22pbs2s_appnexus%22%3A%22off%22%2C%22pbs2s_grid%22%3A%22on%22%2C%22pbs2s_gumgum%22%3A%22off%22%2C%22pbs2s_openx%22%3A%22off%22%2C%22adt%22%3A%220%22%2C%22ito_ds%22%3A%222800%22%2C%223pho%22%3A%22none%22%2C%22vebho%22%3A%22medianet_ebda%22%2C%22cbt%22%3A%220s%22%2C%22vast_to%22%3A%2210s%22%2C%22proto%22%3A%22all%22%2C%22pbm%22%3A%22on%22%2C%22reqTo%22%3A%2210%22%2C%22vadv%22%3A%22on%22%2C%22smhd100%22%3A%22off%22%2C%22smad300%22%3A%22on%22%2C%22dcsll%22%3A%22off%22%2C%22jwb%22%3A%22on%22%2C%22s2sbuff%22%3A%22300%22%2C%22coldr%22%3A%22both%22%2C%22rmos1%22%3A%22off%22%2C%22socon%22%3A%220%22%2C%22dco%22%3A%22relaxed%22%2C%22mxrpog%22%3A%225%22%2C%22dajto%22%3A%22off%22%2C%22vpred_1%22%3A%2290%22%2C%22crtvmon%22%3A%22off%22%2C%22pba%22%3A%22none%22%2C%22amzn_hold_disp%22%3A%22off%22%2C%22bmetrics%22%3A%22on%22%2C%22confiant%22%3A%22prod%22%2C%22cnfep%22%3A%22on%22%2C%22refvidflr%22%3A%221%22%2C%22socbe%22%3A%22sovpct2%22%2C%22logcls%22%3A%22off%22%2C%22rebuildslot%22%3A%22on%22%2C%22upl%22%3A%22off%22%2C%22sekho%22%3A%22off%22%2C%22sospp%22%3A%22on%22%2C%22rmosnv1%22%3A%22off%22%7D%2C%22pubab%22%3A%7B%7D%2C%22sess%22%3A%2201GKMHC4AC8WZPTG7R81MC0H70%22%2C%22pvk%22%3A%2201GKMHC4ACP2NW24G3NES42JG8%22%2C%22hbho%22%3A%5B%22conversant%22%2C%22nativo%22%5D%2C%22vbho%22%3A%5B%22telaria%22%5D%2C%22lmdv%22%3A%221.13.0%22%7D%5D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/es2018/js/adthrive.min.js?deployment=ade-454:pr2851:beta1:b1d93de:exp&deliveryFeatures=rubiconFloors,recencyFrequency,prebidLoad,gptLoad,amazonLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-89.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
via
1.1 3a7c02063c5f3d8ad13db0f8e016ccc2.cloudfront.net (CloudFront)
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
content-length
21
x-amz-cf-id
aSasxt0RXKO-149-JmZGY47grKd562laCskqckdDP5xhjBcH67Td5g==
ads.min.css
ads.adthrive.com/sites/6086f736fa0c1f0c8270ab14/
56 B
371 B
Stylesheet
General
Full URL
https://ads.adthrive.com/sites/6086f736fa0c1f0c8270ab14/ads.min.css
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/es2018/js/adthrive.min.js?deployment=ade-454:pr2851:beta1:b1d93de:exp&deliveryFeatures=rubiconFloors,recencyFrequency,prebidLoad,gptLoad,amazonLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-62.iad66.r.cloudfront.net
Software
CloudFront /
Resource Hash
e37c031766281241c1659b1de4a3f03063e9f18813da28020ce4cb366662c332

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 16:29:00 GMT
content-encoding
gzip
via
1.1 7154e2f13d02d1cc12281ca90f1bd47e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD66-C1
age
13708
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600, s-maxage=86400
content-length
68
x-amz-cf-id
Fm7kj0Anr0kk0qxCfqfxRgNPxDXQxNTDqcRIBVnm-X-nQeqQiqvQ6Q==
config
c.amazon-adsystem.com/cdn/prod/
385 B
740 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fmail.notateslaapp.com&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.37.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-37-223.iad89.r.cloudfront.net
Software
Server /
Resource Hash
a63506fb420990f57b718352691d603bd8c4574bd1182dd2f274fe276b83493d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:28 GMT
via
1.1 f9efe5e72b7e5cc47bf34a0b0debcbe2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
385
x-amz-cf-id
SzYg_kYQW5lW2UIlJRNGUFZKDDdJB26EPzhpSvUlnYqrQEjwEG4v4Q==
id5-api.js
cdn.id5-sync.com/api/1.0/
57 KB
17 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
HGCR45VE2HKN5MW8
age
1158
etag
W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7757b48aee8ab3bc-MIA
x-amz-id-2
yH1m6Ua4gKdWTyLEyDPnY5vgEid+M7unnauzH2I62u1itd4S/Z7BF3RZQd+j+FFWWDcpEQNRwBU=
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202210130953/
211 KB
67 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a744d98d4cf90a8f6a6c30d9a18fe487b988ebe20a63c604beccecb96e59bb05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Oct 2022 13:54:41 GMT
server
cloudflare
x-amz-request-id
5DZ6QHG2W2PKG8HT
age
4676980
etag
W/"03a86b5b26a561ee4fc2b40e330e2ac5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7757b48b282c3706-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
vF2rlDuok4JyCz7L2rUQa8DuF5rA974haJtPITg4GiAoUi0pK5nAOgENtjm3lHnD+H/wDWBHTN4=
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1670357848736&ns_c=UTF-8&c7=https%3A%2F%2Fmail.notateslaapp.com%2F&c8=Tesla%20News%2C%20Latest%20Software%20Update...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1670357848736&ns_c=UTF-8&c7=https%3A%2F%2Fmail.notateslaapp.com%2F&c8=Tesla%20News%2C%20Latest%20Software%20Updat...
0
191 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1670357848736&ns_c=UTF-8&c7=https%3A%2F%2Fmail.notateslaapp.com%2F&c8=Tesla%20News%2C%20Latest%20Software%20Updates%2C%20Tesla%20Rumors%20and%20Tips&c9=
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Server
13.32.151.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-45.iad66.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
via
1.1 70e06614c0a8446cd4a80ab3436628d4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C2
x-amz-cf-id
IWFyEdj4XijgjkaPTVkt0UwGIDNEIXmXTiyq7AFR4W3ybEhrm2fnXQ==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1670357848736&ns_c=UTF-8&c7=https%3A%2F%2Fmail.notateslaapp.com%2F&c8=Tesla%20News%2C%20Latest%20Software%20Updates%2C%20Tesla%20Rumors%20and%20Tips&c9=
date
Tue, 06 Dec 2022 20:17:28 GMT
via
1.1 70e06614c0a8446cd4a80ab3436628d4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C2
content-length
0
x-amz-cf-id
yoPmT8I_hQ1OS0HI0Y9ok9Y7K-cxSeT0vZFleUTb4jIwbvNN_GLR6g==
x-cache
Miss from cloudfront
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:29 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:29 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:29 GMT
server
ATS/9.1.10.25
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
213 B
657 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmail.notateslaapp.com%2F&pid=8eQOH0t77KuTn&cb=0&ws=1600x1200&v=22.1107.1609&t=2600&slots=%5B%7B%22sd%22%3A%22AdThrive_Footer_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14%22%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.184.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-184-78.iad89.r.cloudfront.net
Software
Server /
Resource Hash
5ce88b0880adb4e5fff34fe4b3708c8b82991f343f95ce34c483666a8d11f076
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca8d1424de70ce439236d37048e65f54.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C2
x-amz-rid
GT6JZ0HYD2MJKNQRPNYB
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
213
x-amz-cf-id
JL6Ruc58NR18wL9qo1fxkp9eDxMJpDVkv17Yz46uaQlSekfcT9jHrw==
cafemedia.js
cdn.brandmetrics.com/tag/aa466d868b2742ffa2cc31bb6341dc12/
5 KB
3 KB
Script
General
Full URL
https://cdn.brandmetrics.com/tag/aa466d868b2742ffa2cc31bb6341dc12/cafemedia.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/es2018/js/adthrive.min.js?deployment=ade-454:pr2851:beta1:b1d93de:exp&deliveryFeatures=rubiconFloors,recencyFrequency,prebidLoad,gptLoad,amazonLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:79b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a1fb6db1c9f1590294cb8190cfa160f888dc1bbf486d0b1c34640606d190b0c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 06 Dec 2022 19:56:45 GMT
server
cloudflare
age
1244
cf-polished
origSize=4949
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIc78n1AESoypa1tLSQ7h3mmuHLBCr6OnmxNFQ9MGMLgL9gLh8s4sBxAOIgmBofO6wo09KvesdqJzxAVIPpXws5dQI%2Bqxx6191PwB5pyH%2Fagfd1OTLsZycvunIu%2BP2lmPWyR3TPpZ7%2FcWmf1OqRBC0hN"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7757b48d7a9d02e8-MIA
cookie_sync
prebid-server.rubiconproject.com/
3 KB
816 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
d155e5830e7e9913048d1612a000a7912e9498fd735faa5f0dd8e4fe39268506

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:30 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
598
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
280 B
473 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
d5a28404ee25c535f69828bb4e2e7454ed96d579e0cb85ed7429b631f0ac69b6

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
235
expires
0
bid-request
a.teads.tv/hb/
413 B
768 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c7f832fcc05ffce1d756792e4890a569170ca02a9a67d1d6c3cb4381ce4a48a0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
302
expires
Tue, 06 Dec 2022 20:17:31 GMT
pbjs
htlb.casalemedia.com/openrtb/
37 B
569 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185770&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22199cd8b6179c68a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%3F%23PD%3Adesktop%23HVP%3A80%23Source%3Adirect%23Browser%3AChrome%23Topic%3AAuto%23Topic%3ATech%23MCMP%3Aiabc_1%23Sens%3Aalc%23Sens%3Aast%23Sens%3Acbd%23Sens%3Aconl%23Sens%3Acosm%23Sens%3Adat%23Sens%3Adlu%23Sens%3Adrg%23Sens%3Agamc%23Sens%3Agamv%23Sens%3Agrq%23Sens%3Apol%23Sens%3Arel%23Sens%3Asst%23Sens%3Assr%23Sens%3Asrh%23Sens%3Aske%23Sens%3Atob%23Sens%3Awtl%23vp%3A0%23AFOI_2020%3ATrue%23CNST_2021%3ATrue%23DDIG_21%3ATrue%23DEOI_2021%3ATrue%23DSVR_2021%3ATrue%23EXHFCE_2021%3ATrue%23FBSL_2022%3ATrue%23GCREF%3ATrue%23GLDM_2021%3ATrue%23HRSHW_2022%3ATrue%23MSFTA_2022%3ATrue%23NSTLE_22%3ATrue%23SF_RN_122019%3ATrue%23TGNAF_21%3ATrue%23TRGT_022020%3ATrue%23TYTA_22%3ATrue%23VITFM_21%3ATrue%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fmail.notateslaapp.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A1%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14%22%2C%22adunitcode%22%3A%22AdThrive_Footer_1_desktop%22%2C%22divId%22%3A%22AdThrive_Footer_1_desktop%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22207c1b3a4e9e31b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14%22%2C%22tid%22%3A%22bc8dfe7a-b2f4-41e7-aa37-c3eb3671913a%22%2C%22sid%22%3A%2212_5%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
740234740a7d05578201539bf27c43734d8d7923a93c3322b7bdaaf9fce6f2bf

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2B8KPWlgHXV184cVWg3j3NctUyvW1gI1HMyIt5c8DtnrmKITkB58MJKqHUGnn6DaGkeJegkHg9j3XjYXb%2BkYJAIpnHXxZfI3c8Ef4nUMvjgnSUZdb8ZZymd8KQpXwLvar2A2UvTT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7757b48d7d6d6dbb-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bid
krk.kargo.com/api/v2/
2 B
656 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2264aa31a5-eca6-4058-bd8c-7b39543aa4ad%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2800%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1670357849008%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22261ab3c95c0bcf9%22%3A%22_lP4vuVhICu%22%7D%2C%22bidSizes%22%3A%7B%22261ab3c95c0bcf9%22%3A%5B%5B728%2C90%5D%2C%5B320%2C50%5D%2C%5B970%2C90%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lP4vuVhICu%22%7D%2C%22auctionId%22%3A%22bf3f9d97-d048-4f11-844f-ab0d109d7638%22%2C%22floorData%22%3A%7B%22skipped%22%3Atrue%2C%22skipRate%22%3A10%2C%22modelVersion%22%3A%22cw-cafemedia%402022-12-05-20%22%2C%22modelWeight%22%3A70%2C%22modelTimestamp%22%3A1670270400%2C%22location%22%3A%22setConfig%22%2C%22floorProvider%22%3A%22rubicon%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22pos%22%3A%22atf%22%2C%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22tid%22%3A%22bc8dfe7a-b2f4-41e7-aa37-c3eb3671913a%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B320%2C50%5D%2C%5B970%2C90%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%5D%2C%22pos%22%3A1%7D%7D%2C%22adUnitCode%22%3A%22AdThrive_Footer_1_desktop%22%2C%22transactionId%22%3A%22bc8dfe7a-b2f4-41e7-aa37-c3eb3671913a%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B320%2C50%5D%2C%5B970%2C90%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%5D%2C%22bidId%22%3A%22261ab3c95c0bcf9%22%2C%22bidderRequestId%22%3A%2225790fe8dda2da8%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.09999942779541016%5D%2C%22userId.mod.init%22%3A%5B0.6999998092651367%2C1.6000003814697266%2C0.20000076293945312%2C0%2C3.6999998092651367%2C0.09999942779541016%2C0.8000001907348633%5D%2C%22userId.mods.connectId.init%22%3A%5B0.6999998092651367%5D%2C%22userId.mods.criteo.init%22%3A%5B1.6000003814697266%5D%2C%22userId.mods.id5Id.init%22%3A%5B0.20000076293945312%5D%2C%22userId.mods.identityLink.init%22%3A%5B0%5D%2C%22userId.mods.sharedId.init%22%3A%5B3.6999998092651367%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999942779541016%5D%2C%22userId.mods.fabrickId.init%22%3A%5B0.8000001907348633%5D%2C%22userId.init.modules%22%3A%5B9.5%5D%2C%22requestBids.usp%22%3A0.19999980926513672%2C%22requestBids.priceFloors%22%3A2.6000003814697266%2C%22requestBids.userId%22%3A3.3000001907348633%2C%22requestBids.validate%22%3A5%2C%22requestBids.makeRequests%22%3A22.699999809265137%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-108-184.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:29 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
18 B
318 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.18.0&cb=1912437328&lsavail=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/
19 B
525 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.notateslaapp.com%2F&tmax=2800&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.146.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-146-96.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:29 GMT
accept-ch
sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
cafemedia-d.openx.net/w/1.0/
190 B
606 B
XHR
General
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.notateslaapp.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bc8dfe7a-b2f4-41e7-aa37-c3eb3671913a&nocache=1670357849022&scsm=cafemedia.com%2F6%3A1&us_privacy=1---&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C%2C%2C&aus=728x90%2C320x50%2C970x90%2C300x50%2C320x100%2C468x60%2C1x1&divids=AdThrive_Footer_1_desktop&aucs=%252F18190176%252FAdThrive_Footer_1%252F6086f736fa0c1f0c8270ab14&auid=538699840&tps=c2Vucz1hbGMsYXN0LGNiZCxjb25sLGNvc20sZGF0LGRsdSxkcmcsZ2FtYyxnYW12LGdycSxwb2wscmVsLHNzdCxzc3Isc3JoLHNrZSx0b2Isd3RsJmJ1Y2tldD1iZXRhMTpvdnJkJmhpX2F1PQ%3D%3D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
bf3a35c2458d2465a9335a47473a03eac834a3174cec379847d0ec80b3146cc0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:29 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
464 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a9694d00177771bcae21c6a7d880025&cmd=bid&sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d698ead8474efc4ae550bb6f6cfb3c92825271d161071995b4824d14a8873d81

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
260 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a969d580177771bc13c2046cd280081&cmd=bid&sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
68daf5bd9470eba988e289b6d1124d8ba50acb46d6e3b8810bf404fbec0f1afb

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
260 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a9694d00177771bcae2204408520056&cmd=bid&sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5beea097104dc4c1b27c46946b322b05023b042bc0c89e3016c9dd12232af7b5

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/
0
63 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
12 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881416&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117%2C221&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!cafemedia.com,6086f736fa0c1f0c8270ab14,1,,,&eid_pubcid.org=996b3fe4-cfc2-4673-b5fd-f5099e120d17%5E1&rf=https%3A%2F%2Fwww.notateslaapp.com%2F&tg_i.iab=1&tg_i.site_code=AFOI_2020%2CCNST_2021%2CDDIG_21%2CDEOI_2021%2CDSVR_2021%2CEXHFCE_2021%2CFBSL_2022%2CGCREF%2CGLDM_2021%2CHRSHW_2022%2CMSFTA_2022%2CNSTLE_22%2CSF_RN_122019%2CTGNAF_21%2CTRGT_022020%2CTYTA_22%2CVITFM_21&tg_i.site_id=6086f736fa0c1f0c8270ab14&tg_i.sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&tg_i.verticals=Auto%2CTech&tg_i.pmp_elig=true&tg_i.mcmp=iabc_1&tg_i.refresh=false&tg_i.vp=0&tg_i.pos=atf&tg_i.pbadslot=%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14&tk_flint=pbjs_lite_v7.18.0&x_source.tid=bc8dfe7a-b2f4-41e7-aa37-c3eb3671913a&l_pb_bid_id=40037452d189e6e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14&slots=1&rand=0.20306073999616658
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
53ed6bfc84a715fae3d5f6b0f8f8b4745d014e62e073dc650311ba66733a3529

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
264 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d544031079132960f7b2f8f3f039672fa4e3eb7e7df1947689fe5b08829f6ec2

Request headers

Referer
https://mail.notateslaapp.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
267 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
54bec5c7338f72786777e2f819ded550993870ca982f719c1737baa10a5bb1fe

Request headers

Referer
https://mail.notateslaapp.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
263 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b6630a5fc4a7966c6db002b3f419b3a80d8d1002c794f27b03a1b9b092c1c880

Request headers

Referer
https://mail.notateslaapp.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/
19 B
715 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:30 GMT
AN-X-Request-Uuid
9317a56f-5df0-4c2e-9f88-c579e3f2530a
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:30 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
603 B
949 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e4d76bd55629f3de04f3754cec7b90e4301d2d7718b16016dfff28c5c850e591

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
403
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:30 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:30 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:30 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
cafemedia
direct.adsrvr.org/bid/bidder/
0
405 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:30 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/
2 B
248 B
XHR
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.123 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
imp
g2.gumgum.com/hbid/
3 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1670357849058&to=0&aun=AdThrive_Footer_1_desktop&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&gpid=%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14&t=g95nznmj&pi=2&uspConsent=1---&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C7925dcfe-8bbb-43f1-94fe-1f49607a1c78%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.notateslaapp.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.18.0%22%7D&ogu=null&ns=10138
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.190.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-190-210.compute-1.amazonaws.com
Software
nginx /
Resource Hash
79da237116c29209e76b80ebaeb4c688abd1f9b513e2f1a68c06fa06419c42e4

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
711 B
1 KB
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmail.notateslaapp.com%2F&pid=8eQOH0t77KuTn&cb=1&ws=1600x1200&v=22.1107.1609&t=2600&slots=%5B%7B%22sd%22%3A%22AdThrive_Header_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x250%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%221x1%22%2C%22728x250%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14%22%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.184.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-184-78.iad89.r.cloudfront.net
Software
Server /
Resource Hash
86d4d67d380d6ebb2d819aacd90477c2fc6d43aa1a26482b78d1c9bcf2158545
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca8d1424de70ce439236d37048e65f54.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C2
x-amz-rid
W2326Q0ATDHC15Y45XRZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
711
x-amz-cf-id
_l9j6EKr87CDCbn4S_10uF5ROSj5eOXIZeEBn8ckO77WVvZyeODxYw==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
213 B
656 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmail.notateslaapp.com%2F&pid=8eQOH0t77KuTn&cb=2&ws=1600x1200&v=22.1107.1609&t=2600&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_1_desktop%22%2C%22s%22%3A%5B%22120x240%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_1%2F6086f736fa0c1f0c8270ab14%22%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.184.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-184-78.iad89.r.cloudfront.net
Software
Server /
Resource Hash
e566dd499b8194e3e62ae8d1ee04cea7be0fb5d1cfb09c30ed22e9fde1a728b6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca8d1424de70ce439236d37048e65f54.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C2
x-amz-rid
331YK8ZX64S56VSR7XGF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
213
x-amz-cf-id
trvGbLz49IjgvY_9KOBAln_ywh5PnKMbLWYnUzGNc8sNBZesruP2hw==
auction
prebid-server.rubiconproject.com/openrtb2/
0
0

bid-request
a.teads.tv/hb/
16 B
508 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 06 Dec 2022 20:17:31 GMT
cdb
bidder.criteo.com/
0
223 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.18.0&cb=55500173234&lsavail=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
auction
tlx.3lift.com/header/
19 B
526 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.notateslaapp.com%2F&tmax=2800&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.146.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-146-96.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:29 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
cafemedia-d.openx.net/w/1.0/
189 B
372 B
XHR
General
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.notateslaapp.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2e742988-5d85-46e1-8c55-cfc8ef794135&nocache=1670357849207&scsm=cafemedia.com%2F6%3A1&us_privacy=1---&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C7925dcfe-8bbb-43f1-94fe-1f49607a1c78%2C%2C&aus=120x240&divids=AdThrive_Sidebar_1_desktop&aucs=%252F18190176%252FAdThrive_Sidebar_1%252F6086f736fa0c1f0c8270ab14&auid=538699853&tps=c2Vucz1hbGMsYXN0LGNiZCxjb25sLGNvc20sZGF0LGRsdSxkcmcsZ2FtYyxnYW12LGdycSxwb2wscmVsLHNzdCxzc3Isc3JoLHNrZSx0b2Isd3RsJmJ1Y2tldD1iZXRhMTpvdnJkJmhpX2F1PQ%3D%3D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3281124c975cc6ac17bda547deb94cc58e7a520f06745bd4e9d7c8c7fd5576e2

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:29 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
119 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
140 B
837 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bb8c1c5aa9ce463b8db81ee99af430c2445f7333a6a3e4d48c5609d864cae41b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:31 GMT
AN-X-Request-Uuid
d8f55920-f1ff-4f21-854f-8c69f282e63b
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cafemedia
direct.adsrvr.org/bid/bidder/
0
405 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:30 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
213 B
655 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmail.notateslaapp.com%2F&pid=8eQOH0t77KuTn&cb=3&ws=1600x1200&v=22.1107.1609&t=2600&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_2_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22300x50%22%2C%22320x100%22%2C%22250x250%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14%22%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.184.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-184-78.iad89.r.cloudfront.net
Software
Server /
Resource Hash
40e5ca69053fafd83e941d5e32ea0c6b326ac6ea0106dc223ed01c03a561a469
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca8d1424de70ce439236d37048e65f54.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C2
x-amz-rid
B0N476S5Q219C44YFNM6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
213
x-amz-cf-id
gUTqmYyOT0cGzPdypRRw4D7Q5Y_BWlAItVfzHH-bqAlLV1i56q9I0g==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
213 B
655 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmail.notateslaapp.com%2F&pid=8eQOH0t77KuTn&cb=4&ws=1600x1200&v=22.1107.1609&t=2600&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_9_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22320x50%22%2C%22160x600%22%2C%22300x1050%22%2C%22300x50%22%2C%22320x100%22%2C%22250x250%22%2C%221x1%22%2C%22300x420%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F6086f736fa0c1f0c8270ab14%22%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.184.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-184-78.iad89.r.cloudfront.net
Software
Server /
Resource Hash
3b5fe159716b488574c118fa03368bdfec6051190df3de6bb454fb457baf38fc
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca8d1424de70ce439236d37048e65f54.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C2
x-amz-rid
GY1DTS56RGK8ZN5CPHCE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
213
x-amz-cf-id
03083xD8G2IAW46E0CeHd_h0dHJpDQcL_Los4_Lcgw2TGMgQj30LcA==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
213 B
657 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmail.notateslaapp.com%2F&pid=8eQOH0t77KuTn&cb=5&ws=1600x1200&v=22.1107.1609&t=2600&slots=%5B%7B%22sd%22%3A%22AdThrive_Content_1_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%22250x250%22%2C%221x1%22%2C%22300x300%22%2C%22552x334%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Content_1%2F6086f736fa0c1f0c8270ab14%22%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.184.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-184-78.iad89.r.cloudfront.net
Software
Server /
Resource Hash
621f9bde5de53516c1b477bc98f0f66596562045673ade3a1544760f0ada0ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca8d1424de70ce439236d37048e65f54.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C2
x-amz-rid
GD09M8MWYJ7X0MW4WD31
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
213
x-amz-cf-id
UWLHCvIxMsXDuqt7q2GzwKTluH4m_YtfX5cFwhDBIFT1Jbs8RsKolw==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
213 B
655 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmail.notateslaapp.com%2F&pid=8eQOH0t77KuTn&cb=6&ws=1600x1200&v=22.1107.1609&t=2600&slots=%5B%7B%22sd%22%3A%22AdThrive_Content_2_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%22250x250%22%2C%221x1%22%2C%22300x300%22%2C%22552x334%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Content_2%2F6086f736fa0c1f0c8270ab14%22%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.184.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-184-78.iad89.r.cloudfront.net
Software
Server /
Resource Hash
25644b5ce98e0f80a270264717298e512470e4355f8ca099d1e0754e4a51d169
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca8d1424de70ce439236d37048e65f54.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C2
x-amz-rid
26EBFR0X09J0NR1747KE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
213
x-amz-cf-id
BWtBct2KmAEUOMWJ743D1fsjY8qQQlK6ZwV7Cib-0VSEtMQScFA3Yw==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
713 B
1 KB
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmail.notateslaapp.com%2F&pid=8eQOH0t77KuTn&cb=7&ws=1600x1200&v=22.1107.1609&t=2600&slots=%5B%7B%22sd%22%3A%22AdThrive_Content_3_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%22250x250%22%2C%221x1%22%2C%22300x300%22%2C%22552x334%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Content_3%2F6086f736fa0c1f0c8270ab14%22%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.184.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-184-78.iad89.r.cloudfront.net
Software
Server /
Resource Hash
4ed815035bc0200ca756112779c6a550e6d01333b84e25d7c517fc21479ab2fa
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca8d1424de70ce439236d37048e65f54.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C2
x-amz-rid
T4Q2888CN833TNJ137C3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
713
x-amz-cf-id
nmwVFJ1VRIMI4w9q5TGMVtcnuEjaUCzDparDsDLEWsgZq-eIQuCUrQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
172 B
616 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmail.notateslaapp.com%2F&pid=8eQOH0t77KuTn&cb=8&ws=1600x1200&v=22.1107.1609&t=2600&slots=%5B%7B%22sd%22%3A%22AdThrive_Content_4_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%22250x250%22%2C%221x1%22%2C%22300x300%22%2C%22552x334%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Content_4%2F6086f736fa0c1f0c8270ab14%22%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&cfgv=1&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.184.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-184-78.iad89.r.cloudfront.net
Software
Server /
Resource Hash
a0c2a3eadd94cb5e0e82c37568b2587f5fadcd1e0c161ef8769a38eea4787d0e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca8d1424de70ce439236d37048e65f54.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C2
x-amz-rid
XWBTBV6ZMWCTKFBWSRYC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
172
x-amz-cf-id
MJVfq4WJ6Oh0-2Zk1ATuTfidSZ7MMoIzfCTKSkv2MXg3yiQreHcjlQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
172 B
615 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmail.notateslaapp.com%2F&pid=8eQOH0t77KuTn&cb=9&ws=1600x1200&v=22.1107.1609&t=2600&slots=%5B%7B%22sd%22%3A%22AdThrive_Below_Post_1_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22320x100%22%2C%22468x60%22%2C%22250x250%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Below_Post_1%2F6086f736fa0c1f0c8270ab14%22%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&cfgv=1&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.184.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-184-78.iad89.r.cloudfront.net
Software
Server /
Resource Hash
836b82e5763aefa91a59e10a6463cb73d8c5b451c43a7f4afcbfe88855b93c0a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:29 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca8d1424de70ce439236d37048e65f54.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C2
x-amz-rid
B48SQTDHTEH17FHRW54M
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
172
x-amz-cf-id
ClwivAwu3qsXpYK0HejeUKXxXeez7vpjqZbhIth-b30VY2InbXOqHw==
iu3
s.amazon-adsystem.com/ Frame A17C
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
342 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ea3a1376f6a49d6eeb315545bad4d52ff7cb3b46135879d221e48f2eb54fd257
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
342
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 06 Dec 2022 20:17:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WMX99SZ3RQ1RFHJ0EX32

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 06 Dec 2022 20:17:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
RGWT1JQ4QA147KJ456EC
v1
lb.eu-1-id5-sync.com/lb/
33 B
408 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
5ad86a767ba6d81e8e7c3939394623daabee6ea5416eae8cee9590ead2953626
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/
54 B
235 B
XHR
General
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::31d2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
5b9fd0ac1a8e557b0d6a4bbc6503a288db334fac333d29012c5e3d55302a0b65

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 6 Dec 2022 20:17:30 GMT
content-length
54
vary
Origin
content-type
application/json
65568.js
cdn.brandmetrics.com/scripts/bundle/
44 KB
14 KB
Script
General
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=f9816ecc-b51b-4747-bc3e-1ea86a0677a2&toploc=mail.notateslaapp.com
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/aa466d868b2742ffa2cc31bb6341dc12/cafemedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:79b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef0cfe86bb48e434fae6ea677fca71bb60d6d7f50a8746d7ae0982d7ba9f2114

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 20:17:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVSooVbsCAt5dz12PXCiJwu%2Fj5qskG%2BNT%2BdlYHGly%2Bofu3qPCOx6mwWJjSShEXBmXTshOeU9i6opiSv8OZvGVc65BA6rRB7tymNiJMlk%2B%2F1JXWfU5TjR8BlrMAzQBDdjJiHWnlANnDZxbINwjL0NK3pg"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7757b4927b3a02e8-MIA
c.js
collector.brandmetrics.com/
0
120 B
Script
General
Full URL
https://collector.brandmetrics.com/c.js?siteid=f9816ecc-b51b-4747-bc3e-1ea86a0677a2&toploc=mail.notateslaapp.com&rnd=5033670
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=f9816ecc-b51b-4747-bc3e-1ea86a0677a2&toploc=mail.notateslaapp.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 20:17:31 GMT
Content-Length
0
Content-Type
text/javascript;charset=utf-8
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D%24%7BBSW_UUI...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D%24%7BB...
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=b1d435b5-77d4-4214-8692-93c49c8f540c
86 B
617 B
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=b1d435b5-77d4-4214-8692-93c49c8f540c
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

Location
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=b1d435b5-77d4-4214-8692-93c49c8f540c
Date
Tue, 06 Dec 2022 20:17:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
367.json
id5-sync.com/g/v2/
462 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/367.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a7dd9ba96a2574057d279cfde1cad0214bd7f951ab6ad9809ed7524b0be5238d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:31 GMT
server
ATS/9.1.10.25
auction
prebid-server.rubiconproject.com/openrtb2/
279 B
470 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
1e8a423450fb3946e93b6dbd2e3c57989f321975c94183e1951e7d746de78465

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
232
expires
0
bid-request
a.teads.tv/hb/
16 B
393 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 06 Dec 2022 20:17:31 GMT
pbjs
htlb.casalemedia.com/openrtb/
37 B
545 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185774&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22834ea762fddd7d7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%3F%23PD%3Adesktop%23HVP%3A50%23Source%3Adirect%23Browser%3AChrome%23Topic%3AAuto%23Topic%3ATech%23MCMP%3Aiabc_1%23Sens%3Aalc%23Sens%3Aast%23Sens%3Acbd%23Sens%3Aconl%23Sens%3Acosm%23Sens%3Adat%23Sens%3Adlu%23Sens%3Adrg%23Sens%3Agamc%23Sens%3Agamv%23Sens%3Agrq%23Sens%3Apol%23Sens%3Arel%23Sens%3Asst%23Sens%3Assr%23Sens%3Asrh%23Sens%3Aske%23Sens%3Atob%23Sens%3Awtl%23vp%3A0%23AFOI_2020%3ATrue%23CNST_2021%3ATrue%23DDIG_21%3ATrue%23DEOI_2021%3ATrue%23DSVR_2021%3ATrue%23EXHFCE_2021%3ATrue%23FBSL_2022%3ATrue%23GCREF%3ATrue%23GLDM_2021%3ATrue%23HRSHW_2022%3ATrue%23MSFTA_2022%3ATrue%23NSTLE_22%3ATrue%23SF_RN_122019%3ATrue%23TGNAF_21%3ATrue%23TRGT_022020%3ATrue%23TYTA_22%3ATrue%23VITFM_21%3ATrue%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fmail.notateslaapp.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A1%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14%22%2C%22adunitcode%22%3A%22AdThrive_Header_1_desktop%22%2C%22divId%22%3A%22AdThrive_Header_1_desktop%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2284fc0548a45bcd5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14%22%2C%22tid%22%3A%227c15bf40-847b-44ac-8116-df9a830f5af4%22%2C%22sid%22%3A%2215_6%22%7D%2C%22bidfloor%22%3A0.3847%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%227925dcfe-8bbb-43f1-94fe-1f49607a1c78%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0a6cf58dd80c6f6c2cbac9c0cbe4055b6ed672a8dffe0c31ffbc05eff95a2fd

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ScMsf0B%2BcOMN2NMsPSx6r2e%2FK1yZ0un5zCPpk%2FrzJ2AoEOjAMoCCHIfv%2Fg6AvHXciaZZqBX%2Ben6qh%2FiwzhzMFSo627K57eCqSWLLeIPMOdRdWJbfUr048UT8x9hrn2rT0Q9sxUt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7757b49a8c63b3bf-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bid
krk.kargo.com/api/v2/
2 B
656 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2264aa31a5-eca6-4058-bd8c-7b39543aa4ad%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A2800%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1670357851128%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2291219aa55f07a2f%22%3A%22_vzS4k9rMKu%22%7D%2C%22bidSizes%22%3A%7B%2291219aa55f07a2f%22%3A%5B%5B728%2C90%5D%2C%5B320%2C50%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%2C%5B728%2C250%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_vzS4k9rMKu%22%7D%2C%22auctionId%22%3A%220da10ba8-34f2-4e0c-b89d-5ce6af399eff%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A10%2C%22modelVersion%22%3A%22cw-cafemedia%402022-12-05-20%22%2C%22modelWeight%22%3A70%2C%22modelTimestamp%22%3A1670270400%2C%22location%22%3A%22setConfig%22%2C%22floorProvider%22%3A%22rubicon%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22tid%22%3A%227c15bf40-847b-44ac-8116-df9a830f5af4%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B320%2C50%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%2C%5B728%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22AdThrive_Header_1_desktop%22%2C%22transactionId%22%3A%227c15bf40-847b-44ac-8116-df9a830f5af4%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B320%2C50%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%2C%5B728%2C250%5D%5D%2C%22bidId%22%3A%2291219aa55f07a2f%22%2C%22bidderRequestId%22%3A%229015f8ee9e47fc%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.09999942779541016%5D%2C%22userId.mod.init%22%3A%5B0.6999998092651367%2C1.6000003814697266%2C0.20000076293945312%2C0%2C3.6999998092651367%2C0.09999942779541016%2C0.8000001907348633%5D%2C%22userId.mods.connectId.init%22%3A%5B0.6999998092651367%5D%2C%22userId.mods.criteo.init%22%3A%5B1.6000003814697266%5D%2C%22userId.mods.id5Id.init%22%3A%5B0.20000076293945312%5D%2C%22userId.mods.identityLink.init%22%3A%5B0%5D%2C%22userId.mods.sharedId.init%22%3A%5B3.6999998092651367%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999942779541016%5D%2C%22userId.mods.fabrickId.init%22%3A%5B0.8000001907348633%5D%2C%22userId.init.modules%22%3A%5B9.5%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.priceFloors%22%3A0.8999996185302734%2C%22requestBids.userId%22%3A1.3999996185302734%2C%22requestBids.validate%22%3A5.59999942779541%2C%22requestBids.makeRequests%22%3A9%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%227925dcfe-8bbb-43f1-94fe-1f49607a1c78%22%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-108-184.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:31 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
18 B
318 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.18.0&cb=30354818348&lsavail=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/
19 B
525 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.notateslaapp.com%2F&tmax=2800&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.146.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-146-96.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
cafemedia-d.openx.net/w/1.0/
190 B
199 B
XHR
General
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.notateslaapp.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7c15bf40-847b-44ac-8116-df9a830f5af4&nocache=1670357851139&scsm=cafemedia.com%2F6%3A1&us_privacy=1---&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C7925dcfe-8bbb-43f1-94fe-1f49607a1c78%2C%2C&aus=728x90%2C320x50%2C970x250%2C970x90%2C300x50%2C320x100%2C468x60%2C1x1%2C728x250&divids=AdThrive_Header_1_desktop&aucs=%252F18190176%252FAdThrive_Header_1%252F6086f736fa0c1f0c8270ab14&auid=538699873&tps=c2Vucz1hbGMsYXN0LGNiZCxjb25sLGNvc20sZGF0LGRsdSxkcmcsZ2FtYyxnYW12LGdycSxwb2wscmVsLHNzdCxzc3Isc3JoLHNrZSx0b2Isd3RsJmJ1Y2tldD1iZXRhMTpvdnJkJmhpX2F1PQ%3D%3D&aumfs=370
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2606bb5c3dc19714fe9aae7aab1b6cf10452c4e5eedd30d6a5a8b75892f733af

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
283 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a969d580177771bc13c2045cac4007f&cmd=bid&sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
daff819f035e671416029f0710b25ccf7cbf5b82361ebaa9a6eed34e1fe14b6e

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:31 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/
0
63 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
751 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881422&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C57%2C117%2C221&us_privacy=1---&rp_schain=1.0,1!cafemedia.com,6086f736fa0c1f0c8270ab14,1,7925dcfe-8bbb-43f1-94fe-1f49607a1c78,,&eid_pubcid.org=996b3fe4-cfc2-4673-b5fd-f5099e120d17%5E1&rf=https%3A%2F%2Fwww.notateslaapp.com%2F&tg_i.iab=1&tg_i.site_code=AFOI_2020%2CCNST_2021%2CDDIG_21%2CDEOI_2021%2CDSVR_2021%2CEXHFCE_2021%2CFBSL_2022%2CGCREF%2CGLDM_2021%2CHRSHW_2022%2CMSFTA_2022%2CNSTLE_22%2CSF_RN_122019%2CTGNAF_21%2CTRGT_022020%2CTYTA_22%2CVITFM_21&tg_i.site_id=6086f736fa0c1f0c8270ab14&tg_i.sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&tg_i.verticals=Auto%2CTech&tg_i.pmp_elig=true&tg_i.mcmp=iabc_1&tg_i.refresh=false&tg_i.vp=0&tg_i.pbadslot=%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14&tk_flint=pbjs_lite_v7.18.0&x_source.tid=7c15bf40-847b-44ac-8116-df9a830f5af4&l_pb_bid_id=1032f622ff6c006b&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.37&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14&slots=1&rand=0.8208430905672832
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7ae1e02a3f8189e21f649e730c48b30909bc0717e01dfab58685b0d3b816bc88

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
97 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4fab6095d8a191a1a72d0ea006c236c32aa8bf38350e49d4d2b2f521e3597ba4

Request headers

Referer
https://mail.notateslaapp.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:31 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/
19 B
715 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:31 GMT
AN-X-Request-Uuid
4703c32e-9497-4bf0-80e6-f33355f1b12a
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
cafemedia
direct.adsrvr.org/bid/bidder/
0
405 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:30 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/
2 B
248 B
XHR
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.123 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
hb
hb.undertone.com/
0
800 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=2002&domain=notateslaapp.com&ccpa=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-80.iad89.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
via
1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
IAD89-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
92
x-amz-cf-id
AXNRnFotSVnVEuX_QcOZbYPS3GxpxelNaSS3GO_l5nxFqRU4S6LXiA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame F001
3 KB
3 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8544ab9e3c909a407543379380a7730f4f0d48df828d07cf6757f72f61670370
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2873
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 06 Dec 2022 20:17:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
P3E1ZT1Q7MM3YA252S95
auction
prebid-server.rubiconproject.com/openrtb2/
278 B
470 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
6e581fee1c8a40386d3a13e85778db6642224d309a2d874ddfe163b066d13ee2

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
232
expires
0
bid-request
a.teads.tv/hb/
16 B
393 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 06 Dec 2022 20:17:31 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
507 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185788&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22168254f2d8e98c9f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%3F%23PD%3Adesktop%23HVP%3A50%23Source%3Adirect%23Browser%3AChrome%23Topic%3AAuto%23Topic%3ATech%23MCMP%3Aiabc_1%23Sens%3Aalc%23Sens%3Aast%23Sens%3Acbd%23Sens%3Aconl%23Sens%3Acosm%23Sens%3Adat%23Sens%3Adlu%23Sens%3Adrg%23Sens%3Agamc%23Sens%3Agamv%23Sens%3Agrq%23Sens%3Apol%23Sens%3Arel%23Sens%3Asst%23Sens%3Assr%23Sens%3Asrh%23Sens%3Aske%23Sens%3Atob%23Sens%3Awtl%23vp%3A0%23AFOI_2020%3ATrue%23CNST_2021%3ATrue%23DDIG_21%3ATrue%23DEOI_2021%3ATrue%23DSVR_2021%3ATrue%23EXHFCE_2021%3ATrue%23FBSL_2022%3ATrue%23GCREF%3ATrue%23GLDM_2021%3ATrue%23HRSHW_2022%3ATrue%23MSFTA_2022%3ATrue%23NSTLE_22%3ATrue%23SF_RN_122019%3ATrue%23TGNAF_21%3ATrue%23TRGT_022020%3ATrue%23TYTA_22%3ATrue%23VITFM_21%3ATrue%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fmail.notateslaapp.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A1%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14%22%2C%22adunitcode%22%3A%22AdThrive_Sidebar_2_desktop%22%2C%22divId%22%3A%22AdThrive_Sidebar_2_desktop%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221694ee9cffa60cc4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14%22%2C%22tid%22%3A%22916722c8-a6fd-4e3b-ae05-b137ac11e354%22%2C%22sid%22%3A%2228_4%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%2234285cd3-df71-4ff7-a4cd-5ea27710c400%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
825bf822d401d31d40ba24b8691fa28e26917ad6c8b17c0835de8d4a334a628f

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1w6Yj69%2B1rQJn0XfnUoP0%2BemuTkViLZye6OTFtzPAhyX8U576MDzlYIK2XBc0Qlv%2BosRxLBnlKS9n1YFjoGb8rKGrwP4vuoFWNOzYjGBNU5tiSbGj0EPQ40j64l1bPP0eMZbBVoJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7757b49abcedb3bf-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
bid
krk.kargo.com/api/v2/
2 B
656 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2264aa31a5-eca6-4058-bd8c-7b39543aa4ad%22%2C%22requestCount%22%3A2%2C%22timeout%22%3A2800%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1670357851274%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22172d4cd0a83acec5%22%3A%22_mfu14jCkaN%22%7D%2C%22bidSizes%22%3A%7B%22172d4cd0a83acec5%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mfu14jCkaN%22%7D%2C%22auctionId%22%3A%2223ebe7eb-8cc8-49f4-813d-fc4cccc127a6%22%2C%22floorData%22%3A%7B%22skipped%22%3Atrue%2C%22skipRate%22%3A10%2C%22modelVersion%22%3A%22cw-cafemedia%402022-12-05-20%22%2C%22modelWeight%22%3A70%2C%22modelTimestamp%22%3A1670270400%2C%22location%22%3A%22setConfig%22%2C%22floorProvider%22%3A%22rubicon%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22tid%22%3A%22916722c8-a6fd-4e3b-ae05-b137ac11e354%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22AdThrive_Sidebar_2_desktop%22%2C%22transactionId%22%3A%22916722c8-a6fd-4e3b-ae05-b137ac11e354%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%5D%2C%22bidId%22%3A%22172d4cd0a83acec5%22%2C%22bidderRequestId%22%3A%22171338e37b7e51b8%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.09999942779541016%5D%2C%22userId.mod.init%22%3A%5B0.6999998092651367%2C1.6000003814697266%2C0.20000076293945312%2C0%2C3.6999998092651367%2C0.09999942779541016%2C0.8000001907348633%5D%2C%22userId.mods.connectId.init%22%3A%5B0.6999998092651367%5D%2C%22userId.mods.criteo.init%22%3A%5B1.6000003814697266%5D%2C%22userId.mods.id5Id.init%22%3A%5B0.20000076293945312%5D%2C%22userId.mods.identityLink.init%22%3A%5B0%5D%2C%22userId.mods.sharedId.init%22%3A%5B3.6999998092651367%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999942779541016%5D%2C%22userId.mods.fabrickId.init%22%3A%5B0.8000001907348633%5D%2C%22userId.init.modules%22%3A%5B9.5%5D%2C%22requestBids.usp%22%3A0.09999942779541016%2C%22requestBids.priceFloors%22%3A1%2C%22requestBids.userId%22%3A1%2C%22requestBids.validate%22%3A4.09999942779541%2C%22requestBids.makeRequests%22%3A8.300000190734863%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%2234285cd3-df71-4ff7-a4cd-5ea27710c400%22%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-108-184.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:31 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
18 B
318 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.18.0&cb=71447373393&lsavail=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/
19 B
525 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.notateslaapp.com%2F&tmax=2800&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.146.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-146-96.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
accept-ch
sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
cafemedia-d.openx.net/w/1.0/
189 B
199 B
XHR
General
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.notateslaapp.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=916722c8-a6fd-4e3b-ae05-b137ac11e354&nocache=1670357851303&scsm=cafemedia.com%2F6%3A1&us_privacy=1---&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C34285cd3-df71-4ff7-a4cd-5ea27710c400%2C%2C&aus=300x250%2C320x50%2C300x50%2C320x100%2C250x250%2C1x1&divids=AdThrive_Sidebar_2_desktop&aucs=%252F18190176%252FAdThrive_Sidebar_2%252F6086f736fa0c1f0c8270ab14&auid=538699854&tps=c2Vucz1hbGMsYXN0LGNiZCxjb25sLGNvc20sZGF0LGRsdSxkcmcsZ2FtYyxnYW12LGdycSxwb2wscmVsLHNzdCxzc3Isc3JoLHNrZSx0b2Isd3RsJmJ1Y2tldD1iZXRhMTpvdnJkJmhpX2F1PQ%3D%3D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
73e48e53d689e0c0d37caf36eb739e95b47eba3e35779eff298bf8e008b4f4ca

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
63 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
15 KB
8 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881454&size_id=15&alt_size_ids=14%2C43%2C44%2C117%2C221&us_privacy=1---&rp_schain=1.0,1!cafemedia.com,6086f736fa0c1f0c8270ab14,1,34285cd3-df71-4ff7-a4cd-5ea27710c400,,&eid_pubcid.org=996b3fe4-cfc2-4673-b5fd-f5099e120d17%5E1&rf=https%3A%2F%2Fwww.notateslaapp.com%2F&tg_i.iab=1&tg_i.site_code=AFOI_2020%2CCNST_2021%2CDDIG_21%2CDEOI_2021%2CDSVR_2021%2CEXHFCE_2021%2CFBSL_2022%2CGCREF%2CGLDM_2021%2CHRSHW_2022%2CMSFTA_2022%2CNSTLE_22%2CSF_RN_122019%2CTGNAF_21%2CTRGT_022020%2CTYTA_22%2CVITFM_21&tg_i.site_id=6086f736fa0c1f0c8270ab14&tg_i.sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&tg_i.verticals=Auto%2CTech&tg_i.pmp_elig=true&tg_i.mcmp=iabc_1&tg_i.refresh=false&tg_i.vp=0&tg_i.pbadslot=%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14&tk_flint=pbjs_lite_v7.18.0&x_source.tid=916722c8-a6fd-4e3b-ae05-b137ac11e354&l_pb_bid_id=182f54551839ff9a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14&slots=1&rand=0.7481894517870873
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
df5fbf95da767cd69bf67c2b02a53061e20b6c28589f61431769ae684a3ff9ff

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
19 B
715 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:31 GMT
AN-X-Request-Uuid
25c337c8-600a-480d-b135-574cf98a0cf9
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
cafemedia
direct.adsrvr.org/bid/bidder/
0
405 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:30 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/
2 B
248 B
XHR
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.123 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mail.notateslaapp.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1113482156589776&correlator=3915921852651170&eid=31070873%2C31071149&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=18190176%3A22569774571%2CAdThrive_Footer_1%2C6086f736fa0c1f0c8270ab14&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C320x50%7C970x90%7C300x50%7C320x100%7C468x60%7C1x1&fluid=height&ifi=1&adks=2228329560&didk=1424519021&sfv=1-0-40&fsbs=1&prev_scp=location%3DFooter%26sequence%3D1%26id%3DAdThrive_Footer_1_desktop%26ATF%3Dtrue%26sticky%3Dtrue%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26hvp%3D80%26inf_scroll%3D1%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dfv%253As%2Chbf%253A0%26hb_format_teads%3Dbanner%26hb_size_teads%3D728x90%26hb_pb_teads%3D0.00%26hb_adid_teads%3D5092a8c956a36946%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.15%26hb_adid_rubicon%3D510ae57a4adf3109%26hb_adomain%3Doceanbank.com%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.15%26hb_adid%3D510ae57a4adf3109%26hb_bidder%3Drubicon&eri=5&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A466%252Cpmp_elig%253A1%252Cclson%253Afalse%252CclsBranch%253A%252CclsBucket%253A%252Clmdv%253A1.13.0%252Cidp%253Ash%252Crf%253A0%26siteId%3D6086f736fa0c1f0c8270ab14%26organizationId%3D6233884d998a8b7088d720e4%26siteName%3DTesla%2520Software%2520Updates%26verticals%3DAuto%252CTech%26abgroup%3Dwvtls%253Aon%252Ctpcapi%253Aon%252Camzn_hold_load%253Aoff%252Cflr%253Arubi%252Cflrdt%253Anone%252Cclsins_ss%253Atrue%252Cebho%253Ayieldmo_ebda%252Cloglevel%253Aoff%252Cidho%253Aoff%252Clzhb%253Aon%252Clzcvp%253A2%252Clzbpvp%253A0.75%252Ctripleliftdr%253Aboth%252Cmagnitedr%253Aclient%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_grid%253Aon%252Cpbs2s_gumgum%253Aoff%252Cpbs2s_openx%253Aoff%252Cadt%253A0%252Cito_ds%253A2800%252C3pho%253Anone%252Cvebho%253Amedianet_ebda%252Ccbt%253A0s%252Cvast_to%253A10s%252Cproto%253Aall%252Cpbm%253Aon%252CreqTo%253A10%252Cvadv%253Aon%252Csmhd100%253Aoff%252Csmad300%253Aon%252Cdcsll%253Aoff%252Cjwb%253Aon%252Cs2sbuff%253A300%252Ccoldr%253Aboth%252Crmos1%253Aoff%252Csocon%253A0%252Cdco%253Arelaxed%252Cmxrpog%253A5%252Cdajto%253Aoff%252Cvpred_1%253A90%252Ccrtvmon%253Aoff%252Cpba%253Anone%252Camzn_hold_disp%253Aoff%252Cbmetrics%253Aon%252Cconfiant%253Aprod%252Ccnfep%253Aon%252Crefvidflr%253A1%252Csocbe%253Asovpct2%252Clogcls%253Aoff%252Crebuildslot%253Aon%252Cupl%253Aoff%252Csekho%253Aoff%252Csospp%253Aon%252Crmosnv1%253Aoff%26bucket%3Dbeta1%253Aovrd%26sens%3Dalc%252Cast%252Ccbd%252Cconl%252Ccosm%252Cdat%252Cdlu%252Cdrg%252Cgamc%252Cgamv%252Cgrq%252Cpol%252Crel%252Csst%252Cssr%252Csrh%252Cske%252Ctob%252Cwtl%26domain%3Dmail.notateslaapp.com%26plugin%3Dadthrive-ads-1.0.43-manual%26hi_au%3Dod%252Com%26vpwxvph%3D1600x1200%26ri%3D38%26pvk%3D01GKMHC4ACP2NW24G3NES42JG8%26sess%3D01GKMHC4AC8WZPTG7R81MC0H70%26branch%3Db1d93de%26deployment%3Dade-454%253Apr2851%253Abeta1%253Ab1d93de%253Aexp%26hbho%3Dconversant%252Cnativo%26vbho%3Dtelaria%26gptv%3D2022120101%26connection%3Dniet%253A4g%252Cdl%253A9.9%26fpv%3D1%26mcmp%3Diabc_1%26site_code%3DAFOI_2020%252CCNST_2021%252CDDIG_21%252CDEOI_2021%252CDSVR_2021%252CEXHFCE_2021%252CFBSL_2022%252CGCREF%252CGLDM_2021%252CHRSHW_2022%252CMSFTA_2022%252CNSTLE_22%252CSF_RN_122019%252CTGNAF_21%252CTRGT_022020%252CTYTA_22%252CVITFM_21%26marmalade%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1670357851411&dlt=1670357846833&idt=1993&adxs=436&adys=1130&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.notateslaapp.com%2F&frm=20&vis=1&psz=1600x7361&msz=1600x-1&fws=516&ohw=1600&ga_vid=355545597.1670357848&ga_sid=1670357851&ga_hid=1721253892&ga_fc=true&cbidsp=CsgHCAESEQoIdHJpcGxfc3MQqhIgAjgCEg0KBGdyaWQQqBIgAjgCEhMKCmJyaWdodHJvbGwQqBIgAjgCEhAKB3B1Ym1fc3MQqBIgAjgCEhAKB3lpZWxkbW8QqBIgAjgCEhEKCDMzYWNyb3NzEKgSIAI4AhIPCgZ1bnJ1bHkQqBIgAjgCEg8KBmNvbF9zcxCoEiACOAIScAoFdGVhZHMQmhEaYgoQNTA5MmE4Yzk1NmEzNjk0NhDwTECQThoDVVNEIg1oYl9hZGlkX3RlYWRzIgtoYl9wYl90ZWFkcyINaGJfc2l6ZV90ZWFkcyIPaGJfZm9ybWF0X3RlYWRzKAE6BQjYBRBaIAESCQoCaXgQpQYgAhIJCgJpeBClBiACEgkKAml4EKUGIAISCQoCaXgQpgYgAhIJCgJpeBCmBiACEgwKBWthcmdvEKUGIAISDQoGY3JpdGVvEKMGIAISEQoKdHJpcGxlbGlmdBCrBiACEgwKBW9wZW54EK0GIAISDgoHdmVyaXpvbhCuBiACEg4KB3Zlcml6b24QrgYgAhIOCgd2ZXJpem9uEK4GIAISDwoIcHVibWF0aWMQqwYgAhK0AQoHcnViaWNvbhCFERqjAQoQNTEwYWU1N2E0YWRmMzEwORDwkwkaA1VTRCIJaGJfYmlkZGVyIgdoYl9hZGlkIgVoYl9wYiIHaGJfc2l6ZSIJaGJfZm9ybWF0IgpoYl9hZG9tYWluIg9oYl9hZGlkX3J1Ymljb24iDWhiX3BiX3J1Ymljb24iD2hiX3NpemVfcnViaWNvbiIRaGJfZm9ybWF0X3J1Ymljb24oAToFCNgFEFogARIPCgh5YWhvb3NzcBCrBiACEg8KCHlhaG9vc3NwEKsGIAISDwoIeWFob29zc3AQqwYgAhIPCghhcHBuZXh1cxCjDyACEhMKDHNoYXJldGhyb3VnaBDdECACEhMKDHNoYXJldGhyb3VnaBDdECACEhMKDHNoYXJldGhyb3VnaBDdECACEhMKDHNoYXJldGhyb3VnaBDeECACEhMKDHNoYXJldGhyb3VnaBDeECACEgoKA3R0ZBDzDiACEg8KCGNvbG9zc3VzEPwPIAISDQoGZ3VtZ3VtEOUQIAISDQoHcm91bmRlbBABIAISDQoHcm91bmRlbBABIAISDQoHcm91bmRlbBABIAISDQoHcm91bmRlbBABIAISDQoHcm91bmRlbBABIAIYAiIkYmM4ZGZlN2EtYjJmNC00MWU3LWFhMzctYzNlYjM2NzE5MTNhKgQIAyAASgBAxBM.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68f673bc235adaf2ec82cb034c15c0cf4cddb7bd5427c9ba9a1724a6ae9cb9dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12931
x-xss-protection
0
google-lineitem-id
5139771563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138248453528
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
db254acb33f678ba851d2ed2560cd682.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F3F3
6 KB
3 KB
Document
General
Full URL
https://db254acb33f678ba851d2ed2560cd682.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 20:17:31 GMT
expires
Wed, 06 Dec 2023 20:17:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame F001
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=b1d435b5-77d4-4214-8692-93c49c8f540c
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=b1d435b5-77d4-4214-8692-93c49c8f540c
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4B9FWYWE9R0JCWEWR2YZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=b1d435b5-77d4-4214-8692-93c49c8f540c
Date
Tue, 06 Dec 2022 20:17:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:31 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:31 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:31 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:31 GMT
server
ATS/9.1.10.25
auction
prebid-server.rubiconproject.com/openrtb2/
278 B
470 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
03a87e15b20c77d97e00f0142587faf28a941a1f9ef10f15296aef7689812616

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
232
expires
0
bid-request
a.teads.tv/hb/
415 B
656 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f3e0ac5e86b8e6aece7d2809b39e01f320f87319271f9d4405fefc6bfc7751ed

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
304
expires
Tue, 06 Dec 2022 20:17:31 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
514 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185795&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22211a664768d1f312%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%3F%23PD%3Adesktop%23HVP%3A0%23Source%3Adirect%23Browser%3AChrome%23Topic%3AAuto%23Topic%3ATech%23MCMP%3Aiabc_1%23Sens%3Aalc%23Sens%3Aast%23Sens%3Acbd%23Sens%3Aconl%23Sens%3Acosm%23Sens%3Adat%23Sens%3Adlu%23Sens%3Adrg%23Sens%3Agamc%23Sens%3Agamv%23Sens%3Agrq%23Sens%3Apol%23Sens%3Arel%23Sens%3Asst%23Sens%3Assr%23Sens%3Asrh%23Sens%3Aske%23Sens%3Atob%23Sens%3Awtl%23vp%3A0%23AFOI_2020%3ATrue%23CNST_2021%3ATrue%23DDIG_21%3ATrue%23DEOI_2021%3ATrue%23DSVR_2021%3ATrue%23EXHFCE_2021%3ATrue%23FBSL_2022%3ATrue%23GCREF%3ATrue%23GLDM_2021%3ATrue%23HRSHW_2022%3ATrue%23MSFTA_2022%3ATrue%23NSTLE_22%3ATrue%23SF_RN_122019%3ATrue%23TGNAF_21%3ATrue%23TRGT_022020%3ATrue%23TYTA_22%3ATrue%23VITFM_21%3ATrue%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A5%2C%22msi%22%3A5%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fmail.notateslaapp.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A1%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F6086f736fa0c1f0c8270ab14%22%2C%22adunitcode%22%3A%22AdThrive_Sidebar_9_desktop%22%2C%22divId%22%3A%22AdThrive_Sidebar_9_desktop%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22212a693e79b35e89%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185795%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22185795%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22ext%22%3A%7B%22siteID%22%3A%22185795%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22185795%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185795%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185795%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22185795%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185795%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22185795%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A420%2C%22ext%22%3A%7B%22siteID%22%3A%22185795%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F6086f736fa0c1f0c8270ab14%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F6086f736fa0c1f0c8270ab14%22%2C%22tid%22%3A%226263a8ae-5a75-4f0e-b4bf-a962ccfaf634%22%2C%22sid%22%3A%2235_5%22%7D%2C%22bidfloor%22%3A0.3847%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%2234285cd3-df71-4ff7-a4cd-5ea27710c400%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
594cbc046eaf6d1d29db0cc3643a459ac77b6a2b8bb424519b9b6bfe0587b25d

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCn3OsfgPByLkKaI2d2tF%2F%2BPBaEptyXYZniKXqnSc%2BxXwpVDVkZe5LMAXIedYMMUW%2B6H9QNdGAaZI8EGHH97zp9phlWHy8M1NuityZxo6wVJWKC733c4UNLilYe%2FbxiW3%2BsFMBVY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7757b49bf851b3bf-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
bid
krk.kargo.com/api/v2/
2 B
656 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2264aa31a5-eca6-4058-bd8c-7b39543aa4ad%22%2C%22requestCount%22%3A3%2C%22timeout%22%3A2800%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1670357851497%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22218089ee362a8346%22%3A%22_zxmQwsW17E%22%2C%22219ee2f180f2645d%22%3A%22_mfu14jCkaN%22%7D%2C%22bidSizes%22%3A%7B%22218089ee362a8346%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B320%2C50%5D%2C%5B160%2C600%5D%2C%5B300%2C1050%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C420%5D%5D%2C%22219ee2f180f2645d%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B320%2C50%5D%2C%5B160%2C600%5D%2C%5B300%2C1050%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C420%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_zxmQwsW17E%22%7D%2C%22auctionId%22%3A%22c5905b33-3f02-489b-b2ac-695af215fe08%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A10%2C%22modelVersion%22%3A%22cw-cafemedia%402022-12-05-20%22%2C%22modelWeight%22%3A70%2C%22modelTimestamp%22%3A1670270400%2C%22location%22%3A%22setConfig%22%2C%22floorProvider%22%3A%22rubicon%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22tid%22%3A%226263a8ae-5a75-4f0e-b4bf-a962ccfaf634%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F6086f736fa0c1f0c8270ab14%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B320%2C50%5D%2C%5B160%2C600%5D%2C%5B300%2C1050%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C420%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22AdThrive_Sidebar_9_desktop%22%2C%22transactionId%22%3A%226263a8ae-5a75-4f0e-b4bf-a962ccfaf634%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B320%2C50%5D%2C%5B160%2C600%5D%2C%5B300%2C1050%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C420%5D%5D%2C%22bidId%22%3A%22218089ee362a8346%22%2C%22bidderRequestId%22%3A%22217e122ad583e3a3%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.09999942779541016%5D%2C%22userId.mod.init%22%3A%5B0.6999998092651367%2C1.6000003814697266%2C0.20000076293945312%2C0%2C3.6999998092651367%2C0.09999942779541016%2C0.8000001907348633%5D%2C%22userId.mods.connectId.init%22%3A%5B0.6999998092651367%5D%2C%22userId.mods.criteo.init%22%3A%5B1.6000003814697266%5D%2C%22userId.mods.id5Id.init%22%3A%5B0.20000076293945312%5D%2C%22userId.mods.identityLink.init%22%3A%5B0%5D%2C%22userId.mods.sharedId.init%22%3A%5B3.6999998092651367%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999942779541016%5D%2C%22userId.mods.fabrickId.init%22%3A%5B0.8000001907348633%5D%2C%22userId.init.modules%22%3A%5B9.5%5D%2C%22requestBids.usp%22%3A0.6999998092651367%2C%22requestBids.priceFloors%22%3A4.40000057220459%2C%22requestBids.userId%22%3A0.7999992370605469%2C%22requestBids.validate%22%3A3%2C%22requestBids.makeRequests%22%3A14.100000381469727%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A2%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%2234285cd3-df71-4ff7-a4cd-5ea27710c400%22%7D%5D%7D%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mfu14jCkaN%22%7D%2C%22auctionId%22%3A%22c5905b33-3f02-489b-b2ac-695af215fe08%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A10%2C%22modelVersion%22%3A%22cw-cafemedia%402022-12-05-20%22%2C%22modelWeight%22%3A70%2C%22modelTimestamp%22%3A1670270400%2C%22location%22%3A%22setConfig%22%2C%22floorProvider%22%3A%22rubicon%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22tid%22%3A%226263a8ae-5a75-4f0e-b4bf-a962ccfaf634%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F6086f736fa0c1f0c8270ab14%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B320%2C50%5D%2C%5B160%2C600%5D%2C%5B300%2C1050%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C420%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22AdThrive_Sidebar_9_desktop%22%2C%22transactionId%22%3A%226263a8ae-5a75-4f0e-b4bf-a962ccfaf634%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B320%2C50%5D%2C%5B160%2C600%5D%2C%5B300%2C1050%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C420%5D%5D%2C%22bidId%22%3A%22219ee2f180f2645d%22%2C%22bidderRequestId%22%3A%22217e122ad583e3a3%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.09999942779541016%5D%2C%22userId.mod.init%22%3A%5B0.6999998092651367%2C1.6000003814697266%2C0.20000076293945312%2C0%2C3.6999998092651367%2C0.09999942779541016%2C0.8000001907348633%5D%2C%22userId.mods.connectId.init%22%3A%5B0.6999998092651367%5D%2C%22userId.mods.criteo.init%22%3A%5B1.6000003814697266%5D%2C%22userId.mods.id5Id.init%22%3A%5B0.20000076293945312%5D%2C%22userId.mods.identityLink.init%22%3A%5B0%5D%2C%22userId.mods.sharedId.init%22%3A%5B3.6999998092651367%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999942779541016%5D%2C%22userId.mods.fabrickId.init%22%3A%5B0.8000001907348633%5D%2C%22userId.init.modules%22%3A%5B9.5%5D%2C%22requestBids.usp%22%3A0.6999998092651367%2C%22requestBids.priceFloors%22%3A4.40000057220459%2C%22requestBids.userId%22%3A0.7999992370605469%2C%22requestBids.validate%22%3A3%2C%22requestBids.makeRequests%22%3A14.100000381469727%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A2%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%2234285cd3-df71-4ff7-a4cd-5ea27710c400%22%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-108-184.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:31 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
18 B
318 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.18.0&cb=88833769449&lsavail=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/
19 B
525 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.notateslaapp.com%2F&tmax=2800&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.146.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-146-96.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
cafemedia-d.openx.net/w/1.0/
190 B
199 B
XHR
General
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.notateslaapp.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6263a8ae-5a75-4f0e-b4bf-a962ccfaf634&nocache=1670357851515&scsm=cafemedia.com%2F6%3A1&us_privacy=1---&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C34285cd3-df71-4ff7-a4cd-5ea27710c400%2C%2C&aus=300x250%2C300x600%2C320x50%2C160x600%2C300x1050%2C300x50%2C320x100%2C250x250%2C1x1%2C300x420&divids=AdThrive_Sidebar_9_desktop&aucs=%252F18190176%252FAdThrive_Sidebar_9%252F6086f736fa0c1f0c8270ab14&auid=538699861&tps=c2Vucz1hbGMsYXN0LGNiZCxjb25sLGNvc20sZGF0LGRsdSxkcmcsZ2FtYyxnYW12LGdycSxwb2wscmVsLHNzdCxzc3Isc3JoLHNrZSx0b2Isd3RsJmJ1Y2tldD1iZXRhMTpvdnJkJmhpX2F1PQ%3D%3D&aumfs=370
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7905e13c18e491cc9b48acde1cf12995b5c22fe26f5e7528a0d54c9960c91bc4

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
93 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a969d580177771bc13c2045ff6b0080&cmd=bid&sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
26cdf415d828499005a5db9764380141283134a280ef3a78a65d3c2f6ac16807

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:31 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
93 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a96918c0177771bc6522043c8540090&cmd=bid&sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d25e9a5d3ea0ed39f13fd80e5cd68879bdd36f5d291a7679f43e4318d2341721

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:31 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
93 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a969d580177771bc13c2044ea91007d&cmd=bid&sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
be18976d038b1e00f25afeecabf058c70ea559738f950d2cf11b390bc583cac2

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:31 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
93 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a96918c0177771bc6521c6b5f4e003f&cmd=bid&sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2fe09af5cea02994b7a6ced4a78a7a171580e960222ec42ab84f12ad4e52d710

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:31 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/
0
63 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
756 B
791 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881478&size_id=15&alt_size_ids=9%2C10%2C14%2C43%2C44%2C54%2C117%2C221&us_privacy=1---&rp_schain=1.0,1!cafemedia.com,6086f736fa0c1f0c8270ab14,1,34285cd3-df71-4ff7-a4cd-5ea27710c400,,&eid_pubcid.org=996b3fe4-cfc2-4673-b5fd-f5099e120d17%5E1&rf=https%3A%2F%2Fwww.notateslaapp.com%2F&tg_i.iab=1&tg_i.site_code=AFOI_2020%2CCNST_2021%2CDDIG_21%2CDEOI_2021%2CDSVR_2021%2CEXHFCE_2021%2CFBSL_2022%2CGCREF%2CGLDM_2021%2CHRSHW_2022%2CMSFTA_2022%2CNSTLE_22%2CSF_RN_122019%2CTGNAF_21%2CTRGT_022020%2CTYTA_22%2CVITFM_21&tg_i.site_id=6086f736fa0c1f0c8270ab14&tg_i.sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&tg_i.verticals=Auto%2CTech&tg_i.pmp_elig=true&tg_i.mcmp=iabc_1&tg_i.refresh=false&tg_i.vp=0&tg_i.pbadslot=%2F18190176%2FAdThrive_Sidebar_9%2F6086f736fa0c1f0c8270ab14&tk_flint=pbjs_lite_v7.18.0&x_source.tid=6263a8ae-5a75-4f0e-b4bf-a962ccfaf634&l_pb_bid_id=234aa4bc92252a63&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.37&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Sidebar_9%2F6086f736fa0c1f0c8270ab14&slots=1&rand=0.06130450756378503
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fdc4047ec4e20637064789f6849ccd09e2ce1c27bbf63ae07e3cfd5f936467c8

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
756
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
97 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c453051f5681e2252a535518950ed9ee47a6bc42b0419bbbeda51f4fbf8b0f00

Request headers

Referer
https://mail.notateslaapp.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:31 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
97 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
83e7e1b9a3e40e3e23facc9dc63bd6fe9dfdbd8bc65ce528c7de32492e20f121

Request headers

Referer
https://mail.notateslaapp.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:31 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
97 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
03b6c2614512cf2c9e211603695dfd3934688b42d44563ea116b34263aafa81a

Request headers

Referer
https://mail.notateslaapp.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:31 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
97 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
87b746d43f5e28bbb73946f9289d74f6fa5c98b07e1688ae6c38993352084e82

Request headers

Referer
https://mail.notateslaapp.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:31 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/
19 B
715 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:31 GMT
AN-X-Request-Uuid
2d32354b-772f-45de-b8fb-44b5a628bfe4
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/
647 B
934 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
dc63c0251c229d9875924c94e7f83b32ee77aa2551b485c9e4898475cc1f743d

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
388
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
871 B
1 KB
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
d510f69a0ebf254a395d4e331d242ac398497babb08413db0a2f8d1b95cceef2

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 20:17:31 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
499
cafemedia
direct.adsrvr.org/bid/bidder/
0
405 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:31 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/
2 B
248 B
XHR
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.123 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
hb
hb.undertone.com/
0
798 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=2002&domain=notateslaapp.com&ccpa=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-80.iad89.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:31 GMT
via
1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
IAD89-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
228
x-amz-cf-id
fLM1Vlm8BOuN-r84L7vedW583X5vXAHQXftO5NiWGc4K9xD5XIjcPg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
amzns2s
rtb.gumgum.com/usync/ Frame 5B21
4 KB
2 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.73.10 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-73-10.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7179d659049d922bc40c68542957a93bc3f87a4c5405f9e0f55a5b30ae12071f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 06 Dec 2022 20:17:33 GMT
etag
W/"0d90f3128f09ff174579d4337fc779b34"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame D42A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef0e3544088abb1a74d7fa41110081eae53d5cabb0f57d5cc8b9184aa8e24e20

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7757b4a51c2167c9-MIA
content-encoding
br
content-type
text/html
date
Tue, 06 Dec 2022 20:17:33 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHfYVciWSMDHBEL7q%2F%2B%2F3gt319kfvaYt4FacE5%2FNNmfhmxZayby8N13v51CJKGLDFePPjwBClYowuh01RMAzZbj0u2JJ2hwvGuIM%2BStmydG7ZmTNX1p9fZnuw6YXvUgN4NMAc2u9VMeG2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7757b49d69d58da3-MIA
content-length
0
date
Tue, 06 Dec 2022 20:17:31 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUTh1aUdrG7povhypaUpKugCdyfJrA1Q3oPMZTCahFfvQ7x5BWS%2FrCeS5BVNYGffN6U84UAfYcZjcdOJBz%2BS1UDRjkEW9KAySCFff0rz1jWsqxt8Fa8al2xrwTs1Hpi8PLuap7ctFoJkCg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame C6C7
427 B
612 B
Document
General
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.113.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-113-255.compute-1.amazonaws.com
Software
/
Resource Hash
6102575cd8e8cbd2045f9724a09f80f682ec8e8427fc87ddb0e636816a577628

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
427
date
Tue, 06 Dec 2022 20:17:33 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7D33
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157725
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 20:17:33 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 08 Dec 2022 16:06:18 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 5A51
1022 B
819 B
Document
General
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.97.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-97-218.compute-1.amazonaws.com
Software
/
Resource Hash
8efe12be22edf21c5bc20df9f3a7d3ac035efd730aeeafcbc8f2ef927bb8ee00

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 06 Dec 2022 20:17:33 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame D5E6
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Dec 2022 20:17:33 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 10D4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1RSW9sYlpwRTJ1Sy5OWU15SnM3cU1uN3M1aTlOVHl0d35B
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1RSW9sYlpwRTJ1Sy5OWU15SnM3cU1uN3M1aTlOVHl0d35B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Dec 2022 20:17:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
09Z3RY8C0YEKFN0EGTHJ

Redirect headers

age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:33 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1RSW9sYlpwRTJ1Sy5OWU15SnM3cU1uN3M1aTlOVHl0d35B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame 6C1C
722 B
770 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
27257680e58829bb8a0efc80c3d078a9896f472dbea21df5b599f6bac085eeb7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
459
content-type
text/html
date
Tue, 06 Dec 2022 20:17:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 1B19
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=630481314781216515&ex=appnexus.com
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=630481314781216515&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Dec 2022 20:17:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
H7GG34WVDFF135ZSZRQD

Redirect headers

AN-X-Request-Uuid
4f3139fd-8721-4446-82f5-97ed5cafc1c8
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Dec 2022 20:17:32 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=630481314781216515&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame D46D
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3483547462859989278829
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3483547462859989278829
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Dec 2022 20:17:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
X54QNAZXJQQ3QASVWEYR

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 06 Dec 2022 20:17:33 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3483547462859989278829
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ads
securepubads.g.doubleclick.net/gampad/
68 KB
14 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1113482156589776&correlator=2329018613278027&eid=31070873%2C31071149&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=18190176%3A22569774571%2CAdThrive_Header_1%2C6086f736fa0c1f0c8270ab14&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C320x50%7C970x250%7C970x90%7C300x50%7C320x100%7C468x60%7C1x1%7C728x250&fluid=height&ifi=2&adks=1601962022&didk=803891078&sfv=1-0-40&fsbs=1&prev_scp=location%3DHeader%26sequence%3D1%26id%3DAdThrive_Header_1_desktop%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26hvp%3D50%26inf_scroll%3D1%26amznbid%3D138wa9s%26amznp%3D16d9pts%26amzniid%3DJNqaVWCuL8oarlkFLSHlY3kAAAGE6RYVxAEAAAJYAQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICA_-igz%26amznsz%3D728x90%26flag_slot%3Dfv%253A0%2Chbf%253A0&eri=5&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A466%252Cpmp_elig%253A1%252Cclson%253Afalse%252CclsBranch%253A%252CclsBucket%253A%252Clmdv%253A1.13.0%252Cidp%253Ash%252Crf%253A0%26siteId%3D6086f736fa0c1f0c8270ab14%26organizationId%3D6233884d998a8b7088d720e4%26siteName%3DTesla%2520Software%2520Updates%26verticals%3DAuto%252CTech%26abgroup%3Dwvtls%253Aon%252Ctpcapi%253Aon%252Camzn_hold_load%253Aoff%252Cflr%253Arubi%252Cflrdt%253Anone%252Cclsins_ss%253Atrue%252Cebho%253Ayieldmo_ebda%252Cloglevel%253Aoff%252Cidho%253Aoff%252Clzhb%253Aon%252Clzcvp%253A2%252Clzbpvp%253A0.75%252Ctripleliftdr%253Aboth%252Cmagnitedr%253Aclient%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_grid%253Aon%252Cpbs2s_gumgum%253Aoff%252Cpbs2s_openx%253Aoff%252Cadt%253A0%252Cito_ds%253A2800%252C3pho%253Anone%252Cvebho%253Amedianet_ebda%252Ccbt%253A0s%252Cvast_to%253A10s%252Cproto%253Aall%252Cpbm%253Aon%252CreqTo%253A10%252Cvadv%253Aon%252Csmhd100%253Aoff%252Csmad300%253Aon%252Cdcsll%253Aoff%252Cjwb%253Aon%252Cs2sbuff%253A300%252Ccoldr%253Aboth%252Crmos1%253Aoff%252Csocon%253A0%252Cdco%253Arelaxed%252Cmxrpog%253A5%252Cdajto%253Aoff%252Cvpred_1%253A90%252Ccrtvmon%253Aoff%252Cpba%253Anone%252Camzn_hold_disp%253Aoff%252Cbmetrics%253Aon%252Cconfiant%253Aprod%252Ccnfep%253Aon%252Crefvidflr%253A1%252Csocbe%253Asovpct2%252Clogcls%253Aoff%252Crebuildslot%253Aon%252Cupl%253Aoff%252Csekho%253Aoff%252Csospp%253Aon%252Crmosnv1%253Aoff%26bucket%3Dbeta1%253Aovrd%26sens%3Dalc%252Cast%252Ccbd%252Cconl%252Ccosm%252Cdat%252Cdlu%252Cdrg%252Cgamc%252Cgamv%252Cgrq%252Cpol%252Crel%252Csst%252Cssr%252Csrh%252Cske%252Ctob%252Cwtl%26domain%3Dmail.notateslaapp.com%26plugin%3Dadthrive-ads-1.0.43-manual%26hi_au%3Dod%252Com%26vpwxvph%3D1600x1200%26ri%3D38%26pvk%3D01GKMHC4ACP2NW24G3NES42JG8%26sess%3D01GKMHC4AC8WZPTG7R81MC0H70%26branch%3Db1d93de%26deployment%3Dade-454%253Apr2851%253Abeta1%253Ab1d93de%253Aexp%26hbho%3Dconversant%252Cnativo%26vbho%3Dtelaria%26gptv%3D2022120101%26connection%3Dniet%253A4g%252Cdl%253A9.9%26fpv%3D1%26mcmp%3Diabc_1%26site_code%3DAFOI_2020%252CCNST_2021%252CDDIG_21%252CDEOI_2021%252CDSVR_2021%252CEXHFCE_2021%252CFBSL_2022%252CGCREF%252CGLDM_2021%252CHRSHW_2022%252CMSFTA_2022%252CNSTLE_22%252CSF_RN_122019%252CTGNAF_21%252CTRGT_022020%252CTYTA_22%252CVITFM_21%26marmalade%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1670357851726&dlt=1670357846833&idt=1993&adxs=436&adys=150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.notateslaapp.com%2F&frm=20&vis=1&psz=1600x7290&msz=1600x90&fws=0&ohw=0&ga_vid=355545597.1670357848&ga_sid=1670357851&ga_hid=1721253892&ga_fc=true&cbidsp=CrsECAESEQoIdHJpcGxfc3MQ5AIgAjgCEg0KBGdyaWQQ5AIgAjgCEhMKCmJyaWdodHJvbGwQ5AIgAjgCEhAKB3B1Ym1fc3MQ5AIgAjgCEhAKB3lpZWxkbW8Q5AIgAjgCEhEKCDMzYWNyb3NzEOQCIAI4AhIPCgZ1bnJ1bHkQ5AIgAjgCEg8KBmNvbF9zcxDkAiACOAISDAoFdGVhZHMQ5QIgAhIJCgJpeBDlAiACEgkKAml4EOYCIAISCQoCaXgQ5gIgAhIJCgJpeBDmAiACEgkKAml4EOYCIAISCQoCaXgQ5gIgAhILCgVrYXJnbxBrIAISDAoGY3JpdGVvEGsgAhIQCgp0cmlwbGVsaWZ0EF8gAhIMCgVvcGVueBDOAiACEg4KB3Zlcml6b24QtwEgAhIPCghwdWJtYXRpYxC4ASACEg4KB3J1Ymljb24QhQQgAhIPCgh5YWhvb3NzcBDMAiACEg8KCGFwcG5leHVzEJoBIAISEwoMc2hhcmV0aHJvdWdoEIsBIAISEwoMc2hhcmV0aHJvdWdoEIsBIAISEwoMc2hhcmV0aHJvdWdoEIsBIAISEwoMc2hhcmV0aHJvdWdoEIwBIAISEwoMc2hhcmV0aHJvdWdoEIwBIAISCgoDdHRkEI0BIAISDwoIY29sb3NzdXMQiwIgAhIQCgl1bmRlcnRvbmUQ8BUgAxgCIiQ3YzE1YmY0MC04NDdiLTQ0YWMtODExNi1kZjlhODMwZjVhZjQqBAgDIABKAEDEEw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13758fdece627c8f82163b617a1048e72c6393c7a34754f33342cb30cd4888f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14050
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
eb2.3lift.com/ Frame 928D
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26accoun...
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26accoun...
1 KB
2 KB
Document
General
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
df59d32b011719d3717d95781f58fd07f14f01770f4ba8d05589148dd37da66a

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1308
content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 20:17:33 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 06 Dec 2022 20:17:32 GMT
location
/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1113482156589776&correlator=416860311267248&eid=31070873%2C31071149&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=18190176%3A22569774571%2CAdThrive_Sidebar_2%2C6086f736fa0c1f0c8270ab14&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C320x50%7C300x50%7C320x100%7C250x250%7C1x1&fluid=height&ifi=3&adks=1631033190&didk=2880680132&sfv=1-0-40&fsbs=1&prev_scp=location%3DSidebar%26sequence%3D2%26id%3DAdThrive_Sidebar_2_desktop%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26hvp%3D50%26inf_scroll%3D1%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dfv%253As%2Chbf%253A0%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.05%26hb_adid_rubicon%3D512e8467185a248%26hb_adomain%3Doceanbank.com%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D512e8467185a248%26hb_bidder%3Drubicon&eri=5&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A466%252Cpmp_elig%253A1%252Cclson%253Afalse%252CclsBranch%253A%252CclsBucket%253A%252Clmdv%253A1.13.0%252Cidp%253Ash%252Crf%253A0%26siteId%3D6086f736fa0c1f0c8270ab14%26organizationId%3D6233884d998a8b7088d720e4%26siteName%3DTesla%2520Software%2520Updates%26verticals%3DAuto%252CTech%26abgroup%3Dwvtls%253Aon%252Ctpcapi%253Aon%252Camzn_hold_load%253Aoff%252Cflr%253Arubi%252Cflrdt%253Anone%252Cclsins_ss%253Atrue%252Cebho%253Ayieldmo_ebda%252Cloglevel%253Aoff%252Cidho%253Aoff%252Clzhb%253Aon%252Clzcvp%253A2%252Clzbpvp%253A0.75%252Ctripleliftdr%253Aboth%252Cmagnitedr%253Aclient%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_grid%253Aon%252Cpbs2s_gumgum%253Aoff%252Cpbs2s_openx%253Aoff%252Cadt%253A0%252Cito_ds%253A2800%252C3pho%253Anone%252Cvebho%253Amedianet_ebda%252Ccbt%253A0s%252Cvast_to%253A10s%252Cproto%253Aall%252Cpbm%253Aon%252CreqTo%253A10%252Cvadv%253Aon%252Csmhd100%253Aoff%252Csmad300%253Aon%252Cdcsll%253Aoff%252Cjwb%253Aon%252Cs2sbuff%253A300%252Ccoldr%253Aboth%252Crmos1%253Aoff%252Csocon%253A0%252Cdco%253Arelaxed%252Cmxrpog%253A5%252Cdajto%253Aoff%252Cvpred_1%253A90%252Ccrtvmon%253Aoff%252Cpba%253Anone%252Camzn_hold_disp%253Aoff%252Cbmetrics%253Aon%252Cconfiant%253Aprod%252Ccnfep%253Aon%252Crefvidflr%253A1%252Csocbe%253Asovpct2%252Clogcls%253Aoff%252Crebuildslot%253Aon%252Cupl%253Aoff%252Csekho%253Aoff%252Csospp%253Aon%252Crmosnv1%253Aoff%26bucket%3Dbeta1%253Aovrd%26sens%3Dalc%252Cast%252Ccbd%252Cconl%252Ccosm%252Cdat%252Cdlu%252Cdrg%252Cgamc%252Cgamv%252Cgrq%252Cpol%252Crel%252Csst%252Cssr%252Csrh%252Cske%252Ctob%252Cwtl%26domain%3Dmail.notateslaapp.com%26plugin%3Dadthrive-ads-1.0.43-manual%26hi_au%3Dod%252Com%26vpwxvph%3D1600x1200%26ri%3D38%26pvk%3D01GKMHC4ACP2NW24G3NES42JG8%26sess%3D01GKMHC4AC8WZPTG7R81MC0H70%26branch%3Db1d93de%26deployment%3Dade-454%253Apr2851%253Abeta1%253Ab1d93de%253Aexp%26hbho%3Dconversant%252Cnativo%26vbho%3Dtelaria%26gptv%3D2022120101%26connection%3Dniet%253A4g%252Cdl%253A9.9%26fpv%3D1%26mcmp%3Diabc_1%26site_code%3DAFOI_2020%252CCNST_2021%252CDDIG_21%252CDEOI_2021%252CDSVR_2021%252CEXHFCE_2021%252CFBSL_2022%252CGCREF%252CGLDM_2021%252CHRSHW_2022%252CMSFTA_2022%252CNSTLE_22%252CSF_RN_122019%252CTGNAF_21%252CTRGT_022020%252CTYTA_22%252CVITFM_21%26marmalade%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1670357851877&dlt=1670357846833&idt=1993&adxs=1110&adys=350&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.notateslaapp.com%2F&frm=20&vis=1&psz=300x7075&msz=300x250&fws=0&ohw=0&ga_vid=355545597.1670357848&ga_sid=1670357851&ga_hid=1721253892&ga_fc=true&cbidsp=CtwECAESEQoIdHJpcGxfc3MQuwQgAjgCEg0KBGdyaWQQuwQgAjgCEhMKCmJyaWdodHJvbGwQuwQgAjgCEhAKB3B1Ym1fc3MQuwQgAjgCEhAKB3lpZWxkbW8QuwQgAjgCEhEKCDMzYWNyb3NzELsEIAI4AhIPCgZ1bnJ1bHkQuwQgAjgCEg8KBmNvbF9zcxC7BCACOAISDAoFdGVhZHMQngQgAhIJCgJpeBDYASACEgkKAml4ENgBIAISDAoFa2FyZ28QkAQgAhINCgZjcml0ZW8QmwIgAhIRCgp0cmlwbGVsaWZ0ELcBIAISDAoFb3BlbngQ3QMgAhIPCghwdWJtYXRpYxDeAyACErQBCgdydWJpY29uEO0DGqMBCg81MTJlODQ2NzE4NWEyNDgQ0IYDGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX2Zvcm1hdCIKaGJfYWRvbWFpbiIPaGJfYWRpZF9ydWJpY29uIg1oYl9wYl9ydWJpY29uIg9oYl9zaXplX3J1Ymljb24iEWhiX2Zvcm1hdF9ydWJpY29uKAE6BgisAhD6ASABEg8KCGFwcG5leHVzEPIBIAISEwoMc2hhcmV0aHJvdWdoEOwBIAISEwoMc2hhcmV0aHJvdWdoEOwBIAISEwoMc2hhcmV0aHJvdWdoEOwBIAISCgoDdHRkEOwBIAISDwoIY29sb3NzdXMQ9wEgAhgCIiQ5MTY3MjJjOC1hNmZkLTRlM2ItYWUwNS1iMTM3YWMxMWUzNTQqBAgDIABKAEDEEw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99f10729c15cf2cd689721db494021f8535a772dfc7916d189cee89abddc31ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12862
x-xss-protection
0
google-lineitem-id
5139771563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234767403
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/
281 B
468 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
7667c6afa0557de2c13835cfed91554cfa9e4b54c4ba1fcd1319ef185996e434

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:33 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
230
expires
0
bid-request
a.teads.tv/hb/
16 B
393 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:32 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 06 Dec 2022 20:17:32 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
505 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=404597&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222733183c7d5b4459%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%3F%23PD%3Adesktop%23HVP%3A60%23Source%3Adirect%23Browser%3AChrome%23Topic%3AAuto%23Topic%3ATech%23MCMP%3Aiabc_1%23Sens%3Aalc%23Sens%3Aast%23Sens%3Acbd%23Sens%3Aconl%23Sens%3Acosm%23Sens%3Adat%23Sens%3Adlu%23Sens%3Adrg%23Sens%3Agamc%23Sens%3Agamv%23Sens%3Agrq%23Sens%3Apol%23Sens%3Arel%23Sens%3Asst%23Sens%3Assr%23Sens%3Asrh%23Sens%3Aske%23Sens%3Atob%23Sens%3Awtl%23vp%3A0%23AFOI_2020%3ATrue%23CNST_2021%3ATrue%23DDIG_21%3ATrue%23DEOI_2021%3ATrue%23DSVR_2021%3ATrue%23EXHFCE_2021%3ATrue%23FBSL_2022%3ATrue%23GCREF%3ATrue%23GLDM_2021%3ATrue%23HRSHW_2022%3ATrue%23MSFTA_2022%3ATrue%23NSTLE_22%3ATrue%23SF_RN_122019%3ATrue%23TGNAF_21%3ATrue%23TRGT_022020%3ATrue%23TYTA_22%3ATrue%23VITFM_21%3ATrue%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A6%2C%22msi%22%3A6%2C%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fmail.notateslaapp.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A1%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Content_1%2F6086f736fa0c1f0c8270ab14%22%2C%22adunitcode%22%3A%22AdThrive_Content_1_desktop%22%2C%22divId%22%3A%22AdThrive_Content_1_desktop%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22274e1ae54d458b61%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22404597%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185761%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22404597%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185761%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22404597%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22185761%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22404597%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185761%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22404597%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22404597%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22404597%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22404597%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22404597%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A552%2C%22h%22%3A334%2C%22ext%22%3A%7B%22siteID%22%3A%22404597%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F18190176%2FAdThrive_Content_1%2F6086f736fa0c1f0c8270ab14%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Content_1%2F6086f736fa0c1f0c8270ab14%22%2C%22tid%22%3A%22d386f25b-93c1-445d-8816-f375a25aa2aa%22%2C%22sid%22%3A%223_6%22%7D%2C%22bidfloor%22%3A0.3847%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%2212317dbc-af2b-452d-bd62-96255db5d35a%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dfb677bfef2f3b6b9bd5c029f9895a4a0f68a380f7d2412b38802fa8a01a522

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUFBOVOv7SKEeYrN6qunqjIRKB%2FQ4pdcQWFNyQ8RfDKqTsyrmNN3aXivbTj9Jpoodu90MNCVjorIsLwY88lKUW7hcsszZ1yb8R7MSAqTTNcgRWzcpviCRAjFvsphAPAj95ax2Jk7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7757b49f2906b3bf-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
pbjs
htlb.casalemedia.com/openrtb/
38 B
511 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=404597&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%222733183c7d5b4459%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%3F%23PD%3Adesktop%23HVP%3A60%23Source%3Adirect%23Browser%3AChrome%23Topic%3AAuto%23Topic%3ATech%23MCMP%3Aiabc_1%23Sens%3Aalc%23Sens%3Aast%23Sens%3Acbd%23Sens%3Aconl%23Sens%3Acosm%23Sens%3Adat%23Sens%3Adlu%23Sens%3Adrg%23Sens%3Agamc%23Sens%3Agamv%23Sens%3Agrq%23Sens%3Apol%23Sens%3Arel%23Sens%3Asst%23Sens%3Assr%23Sens%3Asrh%23Sens%3Aske%23Sens%3Atob%23Sens%3Awtl%23vp%3A0%23AFOI_2020%3ATrue%23CNST_2021%3ATrue%23DDIG_21%3ATrue%23DEOI_2021%3ATrue%23DSVR_2021%3ATrue%23EXHFCE_2021%3ATrue%23FBSL_2022%3ATrue%23GCREF%3ATrue%23GLDM_2021%3ATrue%23HRSHW_2022%3ATrue%23MSFTA_2022%3ATrue%23NSTLE_22%3ATrue%23SF_RN_122019%3ATrue%23TGNAF_21%3ATrue%23TRGT_022020%3ATrue%23TYTA_22%3ATrue%23VITFM_21%3ATrue%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fmail.notateslaapp.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A1%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Content_1%2F6086f736fa0c1f0c8270ab14%22%2C%22adunitcode%22%3A%22AdThrive_Content_1_desktop%22%2C%22divId%22%3A%22AdThrive_Content_1_desktop%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222859fbb0c9af7149%22%2C%22ext%22%3A%7B%22siteID%22%3A%22820298%22%2C%22sid%22%3A%223_6%22%2C%22tid%22%3A%22d386f25b-93c1-445d-8816-f375a25aa2aa%22%2C%22fl%22%3A%22p%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Content_1%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B640%2C480%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22api%22%3A%5B2%5D%2C%22skip%22%3A0%2C%22pos%22%3A1%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22linearity%22%3A1%2C%22minduration%22%3A0%2C%22maxduration%22%3A30%2C%22playbackmethod%22%3A%5B2%5D%2C%22placement%22%3A4%2C%22w%22%3A640%2C%22h%22%3A480%7D%2C%22bidfloor%22%3A0.3847%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%2212317dbc-af2b-452d-bd62-96255db5d35a%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dfb677bfef2f3b6b9bd5c029f9895a4a0f68a380f7d2412b38802fa8a01a522

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IbJQgFzjXmSLzXF0BgVPgFm7tIp6d1OxQFaAQVEkwiSNOY6qkO3O4KJ34TXZBBFxRxbHqLYrjMqxOewzPzweb%2BvBCQhlSnr%2F4rdniPdbx8eMaUvC8Cr%2BnPoYPetAiGhRT%2BIcuPJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7757b49f2908b3bf-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
bid
krk.kargo.com/api/v2/
2 B
656 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2264aa31a5-eca6-4058-bd8c-7b39543aa4ad%22%2C%22requestCount%22%3A4%2C%22timeout%22%3A2800%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1670357851994%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2228772df78331dbd%22%3A%22_mfu14jCkaN%22%7D%2C%22bidSizes%22%3A%7B%2228772df78331dbd%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B336%2C280%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C300%5D%2C%5B552%2C334%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mfu14jCkaN%22%7D%2C%22auctionId%22%3A%225f49fcc2-9912-49d5-a4c1-a3f91aeeaab9%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A10%2C%22modelVersion%22%3A%22cw-cafemedia%402022-12-05-20%22%2C%22modelWeight%22%3A70%2C%22modelTimestamp%22%3A1670270400%2C%22location%22%3A%22setConfig%22%2C%22floorProvider%22%3A%22rubicon%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22pos%22%3A%22atf%22%2C%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F18190176%2FAdThrive_Content_1%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Content_1%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22tid%22%3A%22d386f25b-93c1-445d-8816-f375a25aa2aa%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Content_1%2F6086f736fa0c1f0c8270ab14%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B336%2C280%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C300%5D%2C%5B552%2C334%5D%5D%2C%22pos%22%3A1%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B640%2C480%5D%5D%2C%22context%22%3A%22outstream%22%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22api%22%3A%5B2%5D%2C%22skip%22%3A0%2C%22pos%22%3A1%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22linearity%22%3A1%2C%22minduration%22%3A0%2C%22maxduration%22%3A30%2C%22playbackmethod%22%3A%5B2%5D%2C%22renderer%22%3A%7B%22url%22%3A%22https%3A%2F%2Facdn.adnxs.com%2Fvideo%2Foutstream%2FANOutstreamVideo.js%22%2C%22backupOnly%22%3Atrue%7D%7D%7D%2C%22adUnitCode%22%3A%22AdThrive_Content_1_desktop%22%2C%22transactionId%22%3A%22d386f25b-93c1-445d-8816-f375a25aa2aa%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B336%2C280%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C300%5D%2C%5B552%2C334%5D%5D%2C%22bidId%22%3A%2228772df78331dbd%22%2C%22bidderRequestId%22%3A%22286f4ea9fbad1d49%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.09999942779541016%5D%2C%22userId.mod.init%22%3A%5B0.6999998092651367%2C1.6000003814697266%2C0.20000076293945312%2C0%2C3.6999998092651367%2C0.09999942779541016%2C0.8000001907348633%5D%2C%22userId.mods.connectId.init%22%3A%5B0.6999998092651367%5D%2C%22userId.mods.criteo.init%22%3A%5B1.6000003814697266%5D%2C%22userId.mods.id5Id.init%22%3A%5B0.20000076293945312%5D%2C%22userId.mods.identityLink.init%22%3A%5B0%5D%2C%22userId.mods.sharedId.init%22%3A%5B3.6999998092651367%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999942779541016%5D%2C%22userId.mods.fabrickId.init%22%3A%5B0.8000001907348633%5D%2C%22userId.init.modules%22%3A%5B9.5%5D%2C%22requestBids.usp%22%3A0.19999980926513672%2C%22requestBids.priceFloors%22%3A0.9000005722045898%2C%22requestBids.userId%22%3A0.8999996185302734%2C%22requestBids.validate%22%3A4.600000381469727%2C%22requestBids.makeRequests%22%3A17.90000057220459%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%2212317dbc-af2b-452d-bd62-96255db5d35a%22%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-108-184.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:32 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
auction
tlx.3lift.com/header/
19 B
525 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.notateslaapp.com%2F&tmax=2800&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.146.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-146-96.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:32 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
cafemedia-d.openx.net/w/1.0/
190 B
198 B
XHR
General
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.notateslaapp.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d386f25b-93c1-445d-8816-f375a25aa2aa&nocache=1670357852025&scsm=cafemedia.com%2F6%3A1&us_privacy=1---&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C12317dbc-af2b-452d-bd62-96255db5d35a%2C%2C&aus=300x250%2C320x50%2C336x280%2C300x50%2C320x100%2C468x60%2C250x250%2C1x1%2C300x300%2C552x334&divids=AdThrive_Content_1_desktop&aucs=%252F18190176%252FAdThrive_Content_1%252F6086f736fa0c1f0c8270ab14&auid=538699864&tps=c2Vucz1hbGMsYXN0LGNiZCxjb25sLGNvc20sZGF0LGRsdSxkcmcsZ2FtYyxnYW12LGdycSxwb2wscmVsLHNzdCxzc3Isc3JoLHNrZSx0b2Isd3RsJmJ1Y2tldD1iZXRhMTpvdnJkJmhpX2F1PWludGVyc2Nyb2xsZXIsbWluaXNjcm9sbGVy&aumfs=370
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
06afbe95f7fe4c40349749b304ff11518d63881145b4c57eca68cb44b562de79

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
283 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a969d580177771bc13c20458198007e&cmd=bid&sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
132fa7d064d1993dd8c6e04569b3cafd75facc71cab6ee8ab866fd5d3fce9127

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:32 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/
0
63 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
764 B
822 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881398&size_id=15&alt_size_ids=1%2C14%2C16%2C43%2C44%2C48%2C117%2C221&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!cafemedia.com,6086f736fa0c1f0c8270ab14,1,12317dbc-af2b-452d-bd62-96255db5d35a,,&eid_pubcid.org=996b3fe4-cfc2-4673-b5fd-f5099e120d17%5E1&rf=https%3A%2F%2Fwww.notateslaapp.com%2F&tg_i.iab=1&tg_i.site_code=AFOI_2020%2CCNST_2021%2CDDIG_21%2CDEOI_2021%2CDSVR_2021%2CEXHFCE_2021%2CFBSL_2022%2CGCREF%2CGLDM_2021%2CHRSHW_2022%2CMSFTA_2022%2CNSTLE_22%2CSF_RN_122019%2CTGNAF_21%2CTRGT_022020%2CTYTA_22%2CVITFM_21&tg_i.site_id=6086f736fa0c1f0c8270ab14&tg_i.sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&tg_i.verticals=Auto%2CTech&tg_i.pmp_elig=true&tg_i.mcmp=iabc_1&tg_i.refresh=false&tg_i.vp=0&tg_i.pos=atf&tg_i.pbadslot=%2F18190176%2FAdThrive_Content_1%2F6086f736fa0c1f0c8270ab14&tk_flint=pbjs_lite_v7.18.0&x_source.tid=d386f25b-93c1-445d-8816-f375a25aa2aa&l_pb_bid_id=299daf895f21d14b&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.37&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Content_1%2F6086f736fa0c1f0c8270ab14&slots=1&rand=0.5293724657595122
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
93cc8dfe71bbdc66e2e4a3c017e7b33ed3e3ee7457db1e41f1f80f9471e93cb8

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:32 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
764
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
97 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
fdd496ace92a8ca730e931577955f0767e769e7f56b5027dda30e7448552381e

Request headers

Referer
https://mail.notateslaapp.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:32 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/
19 B
869 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:32 GMT
AN-X-Request-Uuid
65b0af98-e9c0-40a4-8b2b-af720c64f82e
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:32 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:32 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:32 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:32 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
cafemedia
direct.adsrvr.org/bid/bidder/
0
405 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:31 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/
2 B
248 B
XHR
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.123 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:32 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1113482156589776&correlator=999956221781352&eid=31070873%2C31071149&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=18190176%3A22569774571%2CAdThrive_Sidebar_9%2C6086f736fa0c1f0c8270ab14&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x600%7C320x50%7C160x600%7C300x1050%7C300x50%7C320x100%7C250x250%7C1x1%7C300x420&fluid=height&ifi=4&adks=1972371562&didk=87755247&sfv=1-0-40&fsbs=1&prev_scp=location%3DSidebar%26sequence%3D9%26id%3DAdThrive_Sidebar_9_desktop%26sticky%3Dtrue%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26inf_scroll%3D1%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dfv%253A0%2Chbf%253A0.37%26hb_format_teads%3Dbanner%26hb_size_teads%3D300x250%26hb_pb_teads%3D0.00%26hb_adid_teads%3D51329c5316612eb7%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D51329c5316612eb7%26hb_bidder%3Dteads&eri=5&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A466%252Cpmp_elig%253A1%252Cclson%253Afalse%252CclsBranch%253A%252CclsBucket%253A%252Clmdv%253A1.13.0%252Cidp%253Ash%252Crf%253A0%26siteId%3D6086f736fa0c1f0c8270ab14%26organizationId%3D6233884d998a8b7088d720e4%26siteName%3DTesla%2520Software%2520Updates%26verticals%3DAuto%252CTech%26abgroup%3Dwvtls%253Aon%252Ctpcapi%253Aon%252Camzn_hold_load%253Aoff%252Cflr%253Arubi%252Cflrdt%253Anone%252Cclsins_ss%253Atrue%252Cebho%253Ayieldmo_ebda%252Cloglevel%253Aoff%252Cidho%253Aoff%252Clzhb%253Aon%252Clzcvp%253A2%252Clzbpvp%253A0.75%252Ctripleliftdr%253Aboth%252Cmagnitedr%253Aclient%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_grid%253Aon%252Cpbs2s_gumgum%253Aoff%252Cpbs2s_openx%253Aoff%252Cadt%253A0%252Cito_ds%253A2800%252C3pho%253Anone%252Cvebho%253Amedianet_ebda%252Ccbt%253A0s%252Cvast_to%253A10s%252Cproto%253Aall%252Cpbm%253Aon%252CreqTo%253A10%252Cvadv%253Aon%252Csmhd100%253Aoff%252Csmad300%253Aon%252Cdcsll%253Aoff%252Cjwb%253Aon%252Cs2sbuff%253A300%252Ccoldr%253Aboth%252Crmos1%253Aoff%252Csocon%253A0%252Cdco%253Arelaxed%252Cmxrpog%253A5%252Cdajto%253Aoff%252Cvpred_1%253A90%252Ccrtvmon%253Aoff%252Cpba%253Anone%252Camzn_hold_disp%253Aoff%252Cbmetrics%253Aon%252Cconfiant%253Aprod%252Ccnfep%253Aon%252Crefvidflr%253A1%252Csocbe%253Asovpct2%252Clogcls%253Aoff%252Crebuildslot%253Aon%252Cupl%253Aoff%252Csekho%253Aoff%252Csospp%253Aon%252Crmosnv1%253Aoff%26bucket%3Dbeta1%253Aovrd%26sens%3Dalc%252Cast%252Ccbd%252Cconl%252Ccosm%252Cdat%252Cdlu%252Cdrg%252Cgamc%252Cgamv%252Cgrq%252Cpol%252Crel%252Csst%252Cssr%252Csrh%252Cske%252Ctob%252Cwtl%26domain%3Dmail.notateslaapp.com%26plugin%3Dadthrive-ads-1.0.43-manual%26hi_au%3Dod%252Com%26vpwxvph%3D1600x1200%26ri%3D38%26pvk%3D01GKMHC4ACP2NW24G3NES42JG8%26sess%3D01GKMHC4AC8WZPTG7R81MC0H70%26branch%3Db1d93de%26deployment%3Dade-454%253Apr2851%253Abeta1%253Ab1d93de%253Aexp%26hbho%3Dconversant%252Cnativo%26vbho%3Dtelaria%26gptv%3D2022120101%26connection%3Dniet%253A4g%252Cdl%253A9.9%26fpv%3D1%26mcmp%3Diabc_1%26site_code%3DAFOI_2020%252CCNST_2021%252CDDIG_21%252CDEOI_2021%252CDSVR_2021%252CEXHFCE_2021%252CFBSL_2022%252CGCREF%252CGLDM_2021%252CHRSHW_2022%252CMSFTA_2022%252CNSTLE_22%252CSF_RN_122019%252CTGNAF_21%252CTRGT_022020%252CTYTA_22%252CVITFM_21%26marmalade%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1670357852154&dlt=1670357846833&idt=1993&adxs=1110&adys=3128&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.notateslaapp.com%2F&frm=20&vis=1&psz=300x7075&msz=300x250&fws=0&ohw=0&ga_vid=355545597.1670357848&ga_sid=1670357851&ga_hid=1721253892&ga_fc=true&cbidsp=Cs8GCAESEQoIdHJpcGxfc3MQnQMgAjgCEg0KBGdyaWQQnQMgAjgCEhMKCmJyaWdodHJvbGwQnQMgAjgCEhAKB3B1Ym1fc3MQnQMgAjgCEhAKB3lpZWxkbW8QnQMgAjgCEhEKCDMzYWNyb3NzEJ0DIAI4AhIPCgZ1bnJ1bHkQnQMgAjgCEg8KBmNvbF9zcxCdAyACOAISoQEKBXRlYWRzENECGpIBChA1MTMyOWM1MzE2NjEyZWI3EPBMQJBOGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX2Zvcm1hdCINaGJfYWRpZF90ZWFkcyILaGJfcGJfdGVhZHMiDWhiX3NpemVfdGVhZHMiD2hiX2Zvcm1hdF90ZWFkcygBOgYIrAIQ-gEgARIJCgJpeBC1AyACEgkKAml4ELUDIAISCQoCaXgQtQMgAhIJCgJpeBC1AyACEgkKAml4ELUDIAISDAoFa2FyZ28QjQMgAhIMCgVrYXJnbxCNAyACEg0KBmNyaXRlbxCtAyACEhEKCnRyaXBsZWxpZnQQvQMgAhIMCgVvcGVueBDBAiACEg4KB3Zlcml6b24QtgIgAhIOCgd2ZXJpem9uELYCIAISDgoHdmVyaXpvbhC2AiACEg4KB3Zlcml6b24QtgIgAhIPCghwdWJtYXRpYxC5AiACEg4KB3J1Ymljb24QhgMgAhIPCgh5YWhvb3NzcBCQAyACEg8KCHlhaG9vc3NwEJADIAISDwoIeWFob29zc3AQkAMgAhIPCgh5YWhvb3NzcBCQAyACEg8KCGFwcG5leHVzELEDIAISEwoMc2hhcmV0aHJvdWdoEJsEIAISEwoMc2hhcmV0aHJvdWdoEJsEIAISEwoMc2hhcmV0aHJvdWdoEJsEIAISEwoMc2hhcmV0aHJvdWdoEJsEIAISEwoMc2hhcmV0aHJvdWdoEJsEIAISEwoMc2hhcmV0aHJvdWdoEJsEIAISCgoDdHRkEJkEIAISDwoIY29sb3NzdXMQmAIgAhIQCgl1bmRlcnRvbmUQ8BUgAxgCIiQ2MjYzYThhZS01YTc1LTRmMGUtYjRiZi1hOTYyY2NmYWY2MzQqBAgDIABKAEDEEw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a649d454517d4df892198f2a476c2e012b056ad4cb5c64135a755c19e240909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12860
x-xss-protection
0
google-lineitem-id
5139771563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138248641369
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mail.notateslaapp.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
50 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1113482156589776&correlator=2473754146139360&eid=31070873%2C31071149&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=18190176%3A22569774571%2CAdThrive_Sidebar_1%2C6086f736fa0c1f0c8270ab14&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C120x240&fluid=height&ifi=5&adks=51355784&didk=3296002910&sfv=1-0-40&fsbs=1&prev_scp=location%3DSidebar%26sequence%3D1%26id%3DAdThrive_Sidebar_1_desktop%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26hvp%3D60%26inf_scroll%3D1%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dfv%253As%2Chbf%253A0&eri=5&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A466%252Cpmp_elig%253A1%252Cclson%253Afalse%252CclsBranch%253A%252CclsBucket%253A%252Clmdv%253A1.13.0%252Cidp%253Ash%252Crf%253A0%26siteId%3D6086f736fa0c1f0c8270ab14%26organizationId%3D6233884d998a8b7088d720e4%26siteName%3DTesla%2520Software%2520Updates%26verticals%3DAuto%252CTech%26abgroup%3Dwvtls%253Aon%252Ctpcapi%253Aon%252Camzn_hold_load%253Aoff%252Cflr%253Arubi%252Cflrdt%253Anone%252Cclsins_ss%253Atrue%252Cebho%253Ayieldmo_ebda%252Cloglevel%253Aoff%252Cidho%253Aoff%252Clzhb%253Aon%252Clzcvp%253A2%252Clzbpvp%253A0.75%252Ctripleliftdr%253Aboth%252Cmagnitedr%253Aclient%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_grid%253Aon%252Cpbs2s_gumgum%253Aoff%252Cpbs2s_openx%253Aoff%252Cadt%253A0%252Cito_ds%253A2800%252C3pho%253Anone%252Cvebho%253Amedianet_ebda%252Ccbt%253A0s%252Cvast_to%253A10s%252Cproto%253Aall%252Cpbm%253Aon%252CreqTo%253A10%252Cvadv%253Aon%252Csmhd100%253Aoff%252Csmad300%253Aon%252Cdcsll%253Aoff%252Cjwb%253Aon%252Cs2sbuff%253A300%252Ccoldr%253Aboth%252Crmos1%253Aoff%252Csocon%253A0%252Cdco%253Arelaxed%252Cmxrpog%253A5%252Cdajto%253Aoff%252Cvpred_1%253A90%252Ccrtvmon%253Aoff%252Cpba%253Anone%252Camzn_hold_disp%253Aoff%252Cbmetrics%253Aon%252Cconfiant%253Aprod%252Ccnfep%253Aon%252Crefvidflr%253A1%252Csocbe%253Asovpct2%252Clogcls%253Aoff%252Crebuildslot%253Aon%252Cupl%253Aoff%252Csekho%253Aoff%252Csospp%253Aon%252Crmosnv1%253Aoff%26bucket%3Dbeta1%253Aovrd%26sens%3Dalc%252Cast%252Ccbd%252Cconl%252Ccosm%252Cdat%252Cdlu%252Cdrg%252Cgamc%252Cgamv%252Cgrq%252Cpol%252Crel%252Csst%252Cssr%252Csrh%252Cske%252Ctob%252Cwtl%26domain%3Dmail.notateslaapp.com%26plugin%3Dadthrive-ads-1.0.43-manual%26hi_au%3Dod%252Com%26vpwxvph%3D1600x1200%26ri%3D38%26pvk%3D01GKMHC4ACP2NW24G3NES42JG8%26sess%3D01GKMHC4AC8WZPTG7R81MC0H70%26branch%3Db1d93de%26deployment%3Dade-454%253Apr2851%253Abeta1%253Ab1d93de%253Aexp%26hbho%3Dconversant%252Cnativo%26vbho%3Dtelaria%26gptv%3D2022120101%26connection%3Dniet%253A4g%252Cdl%253A9.9%26fpv%3D1%26mcmp%3Diabc_1%26site_code%3DAFOI_2020%252CCNST_2021%252CDDIG_21%252CDEOI_2021%252CDSVR_2021%252CEXHFCE_2021%252CFBSL_2022%252CGCREF%252CGLDM_2021%252CHRSHW_2022%252CMSFTA_2022%252CNSTLE_22%252CSF_RN_122019%252CTGNAF_21%252CTRGT_022020%252CTYTA_22%252CVITFM_21%26marmalade%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1670357852285&dlt=1670357846833&idt=1993&adxs=190&adys=877&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.notateslaapp.com%2F&frm=20&vis=1&psz=220x7075&msz=220x250&fws=0&ohw=0&ga_vid=355545597.1670357848&ga_sid=1670357851&ga_hid=1721253892&ga_fc=true&cbidsp=CrACCAESEQoIdHJpcGxfc3MQxBMgAzgCEg0KBGdyaWQQxBMgAzgCEhMKCmJyaWdodHJvbGwQxBMgAzgCEhAKB3B1Ym1fc3MQxBMgAzgCEhAKB3lpZWxkbW8QxBMgAzgCEhEKCDMzYWNyb3NzEMQTIAM4AhIPCgZ1bnJ1bHkQxBMgAzgCEgwKBXRlYWRzENQPIAISDQoGY3JpdGVvEJIFIAISEQoKdHJpcGxlbGlmdBCLBSACEgwKBW9wZW54EI8FIAISDwoIcHVibWF0aWMQkAUgAhIOCgdydWJpY29uEPAVIAMSDwoIYXBwbmV4dXMQvQ4gAhIKCgN0dGQQnA4gAhgCIiQyZTc0Mjk4OC01ZDg1LTQ2ZTEtOGM1NS1jZmM4ZWY3OTQxMzUqBAgDIABKAEDEEw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c05a21c8dcf050e0e94eebd5d61ec89f42d6f18963f8c5f5e88a85c446c49be0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12350
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ED5C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvlL4JxIWpBySmbR0nKvNfaE9lIFULfPx5eIEXoP_IStuq6rfw_7eRBuiXeX1LGv9Ps-UbvFRWNZoEgH5-wRE1wuBvSXE5aefNhLzb4-MM4J8s9YCVg4ajwgHcIJLzA0EVNsbGGNyUhIyxIpfiRbBfM55v2zIXH67yaKPkzpmSZiQq-VTuRUhyBL41hhR2XqLvKdb-0a5ASUe-N-zQlWTZ1HdEEtH8veuQe0HJwc2FXeV8d8DB-MwpdnWqUJ52w39tPHGfsPEMqslaKsgAuanb-H2LptHT5d6kacq0dLYMM8u30A0yAY6kUZwTG1p6i2BmdWMh_66hrMtneQqqmIk28qQrZbG1nhdqkmXxXXyIEhrw&sai=AMfl-YT7U3MSTsSD_JEmW7iAejMQwIfByftwqlVxFRLMoRNaN0lVrYkcFj4V0oZY5WPswfF2Mk1CaGxRRdSAsrO1jnI4llXp4dbfTRBKSuOfANLaieKozoGGJ2jWZWflb6D-C1sK4r8DPPWJHq2G5lAIlz0&sig=Cg0ArKJSzG56Sb179WZ8EAE&uach_m=[UACH]&adurl=
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:17:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame ED5C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 00:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
70884
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 00:36:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ED5C
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 20:17:33 GMT
15842465133016810807
tpc.googlesyndication.com/simgad/ Frame ED5C
43 B
391 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15842465133016810807
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 07:53:21 GMT
x-content-type-options
nosniff
age
563052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
last-modified
Wed, 30 May 2018 18:01:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 07:53:21 GMT
ats.js
ats.rlcdn.com/
109 KB
36 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/es2018/js/adthrive.min.js?deployment=ade-454:pr2851:beta1:b1d93de:exp&deliveryFeatures=rubiconFloors,recencyFrequency,prebidLoad,gptLoad,amazonLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-67.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 16:02:38 GMT
x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
br
via
1.1 fba666ceffdeb316c8edf476d8994bd4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1
age
15296
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
4dMiGsju4gufqDutCdCNGy-hofGpusJyL78rMsQE7ekiJXr2ubjHhQ==
idsv2
mid.rkdms.com/
2 B
464 B
XHR
General
Full URL
https://mid.rkdms.com/idsv2?ptk=17c1789b-e660-493b-aa74-3c8fb990dc5f&pubid=CAFEMEDIA
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/es2018/js/adthrive.min.js?deployment=ade-454:pr2851:beta1:b1d93de:exp&deliveryFeatures=rubiconFloors,recencyFrequency,prebidLoad,gptLoad,amazonLoad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.200.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-200-106.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:33 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/json
pandg-sdk.js
pghub.io/js/
14 KB
4 KB
Script
General
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/es2018/js/adthrive.min.js?deployment=ade-454:pr2851:beta1:b1d93de:exp&deliveryFeatures=rubiconFloors,recencyFrequency,prebidLoad,gptLoad,amazonLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:45:51 GMT
content-encoding
gzip
age
1902
x-guploader-uploadid
ADPycdsC3sLi7I-ZoDxlOny76UdaVApeH-kk3CrM_XDyBUPZaMen4NySfphEaWohwOimlN9WnlP6Xt7PXG6wzDrS0qg2IQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
9
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3690
last-modified
Tue, 05 Apr 2022 17:08:24 GMT
server
UploadServer
etag
"1f39af8c4109e6a95d6895228aab0692"
vary
Accept-Encoding
x-goog-generation
1649178504809914
x-goog-hash
crc32c=eS3F7w==, md5=HzmvjEEJ5qldaJUiiqsGkg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-meta-last-modified
2022-07-11T15:04:42.732Z
x-goog-stored-content-length
3690
x-goog-meta-cache-control
public, max-age=230400
accept-ranges
bytes
content-type
application/javascript
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://insight.adsrvr.org/track/evnt/?adv=z127r4i&ct=0:p21aj7j&fmt=3
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MDkzOWFjZDgtZWRlZi00MzA5LTk2YzYtMzRmOGUzZDMxZDQz&gdpr=0&gdpr_consent=&ttd_tdid=0939acd8-edef-4309-96c6-34f8e...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=0939acd8-edef-4309-96c6-34f8e3d31d43&google_gid=CAESEOjNwBEXIO4xilExCoksZLg&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjBiOWI3MmQtNGJlNS00MjhiLWI1NjItMTEwZmVlN2M4MjA2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=20b9b72d-4be5-428b-b562-110fee7c8206
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjBiOWI3MmQtNGJlNS00MjhiLWI1NjItMTEwZmVlN2M4MjA2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=20b9b72d-4be5-428b-b562-110fee7c8206
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:34 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjBiOWI3MmQtNGJlNS00MjhiLWI1NjItMTEwZmVlN2M4MjA2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=20b9b72d-4be5-428b-b562-110fee7c8206
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
truncated
/ Frame ED5C
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11b2a9f4f6c6d82d7ae0cac2a5204c93e85f8d2573a13bf8173075f57405ab44

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 9515
221 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Dec 2022 20:39:09 GMT
age
430704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Dec 2023 20:39:09 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 9515
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Dec 2022 20:39:09 GMT
age
430704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Dec 2023 20:39:09 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 9515
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Dec 2022 20:39:09 GMT
age
430704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Dec 2023 20:39:09 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 9515
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Dec 2022 20:39:09 GMT
age
430704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Dec 2023 20:39:09 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 9515
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Dec 2022 20:39:09 GMT
age
430704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Dec 2023 20:39:09 GMT
css
fonts.googleapis.com/ Frame 9515
3 KB
601 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Dec 2022 20:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 18:29:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Dec 2022 20:17:32 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9515
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 20:39:09 GMT
x-content-type-options
nosniff
server
cafe
age
85104
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:39:09 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9515
295 B
757 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 20:39:09 GMT
x-content-type-options
nosniff
server
cafe
age
85104
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:39:09 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9515
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cxje6W6OPY9fEM4LWo9kP-s6V0AyjtNrnbfLazJGUELjUsYbTARABIKivqhVgyYaAgNyjxBCgAbG9tv0DyAEG4AIAqAMByAMKqgT-AU_Qkp9wXxSbeVJQ62vJtEIdlFTWdBzYe8yNs3vTp3HLkUT1G8bPRS4dFqyLb4q5VGPSksiFQt8fqhOt767VD1pkLqsZ9Dl6TzORJNvLC0BHBhxbEEZxo5j--Eih_iN3oZ4T1fWLjf5HkmxLWHDDOahq-VE0Kw2J6ZLvE1U_WTex1xBLbNZs_vAISDlxtEPmz1g3txKbRxYi-e_Owy-4brl1VUBkUxlE3O68sZ2wV9eViSGMDLf909Y5KzlW1BKkjTKOJ0O8t1CTnz0JtxFzvTx-lBOuHxIXCyWJmQHUxt7vbPpO3X1luFxx6l-TksTKNomcnllVNbiA6F5oWr65wASkx7zTlgTgBAGSBQQIBBgBkgUECAUYBKAGN4AHt8LJAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBDIsCHSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTI0ODMxOTkzMDk5NTCACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItODUwMTY3NDQzMDkwOTA4MhjA4BA&sigh=9YjsxF3S8yM&uach_m=[UACH]&cid=CAQSSwDq26N95xnz3Vli8jd_YZX4lPGKbuupF37elhPulqTEg0rNPGRtKGMwAVppvvD1MWgp1D94IwYbMaHYrmqpBXPaZ9sDNS4oMq7vDhgBIBM&template_id=493
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

shopping
encrypted-tbn3.gstatic.com/ Frame 9515
29 KB
30 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSQuva-GAPyRBjOn432HXpVwjKIreWoLItAFu1kqOM9QyciNqLtIpYH7oLA-Q&usqp=CAI
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b24935b56b62e594113332bf1438a3df3641e006ffd02454d3faeb0f98b8f8b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 21:17:01 GMT
x-content-type-options
nosniff
age
514832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30177
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 16:50:43 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 30 Nov 2023 21:17:01 GMT
6882328095556613470
tpc.googlesyndication.com/simgad/ Frame 9515
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCf5rXh1wEQ0QgY0QgyCPbVWbHXAlY3
  • https://tpc.googlesyndication.com/simgad/6882328095556613470
141 KB
141 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6882328095556613470
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b13ee23847c33658eede97d4b3cde752af5f976251b3c7e63ae68d18652b0505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:09:45 GMT
x-content-type-options
nosniff
age
94068
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143904
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 14:43:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 05 Dec 2023 18:09:45 GMT

Redirect headers

date
Mon, 05 Dec 2022 21:17:37 GMT
x-content-type-options
nosniff
server
cafe
age
82796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/6882328095556613470
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 04 Jan 2023 21:17:37 GMT
truncated
/ Frame 9515
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aebc9e41a275f16f51c1539be841bcd8ce2d4a3da1206c84220fdb02e5623541

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
ecm3
s.amazon-adsystem.com/ Frame 6C1C
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=12117cc0-7aef-c27e-2f25-bf769206f50a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DVM8FXRYXDEBTY7Q5GMH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6C1C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y4_jXQAB-6N2IwAo
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y4_jXQAB-6N2IwAo&_test=Y4_jXQAB-6N2IwAo
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y4_jXQAB-6N2IwAo&_test=Y4_jXQAB-6N2IwAo
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mia11360-MIA
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1670357853.499331,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y4_jXQAB-6N2IwAo&_test=Y4_jXQAB-6N2IwAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
de0066f9-f6e9-ebcd-defc-2b140562f3a3
pr-bh.ybp.yahoo.com/sync/openx/ Frame 6C1C
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/de0066f9-f6e9-ebcd-defc-2b140562f3a3?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:b0ca:7df6:43a8:f557 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame 6C1C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=4ac700bd-6645-7984-ef2b-3de1fa353eea&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=4ac700bd-6645-7984-ef2b-3de1fa353eea&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=20b9b72d-4be5-428b-b562-110fee7c8206&ttd_puid=4ac700bd-6645-7984-ef2b-3de1fa353eea&gdpr=0&gdpr_consent=
43 B
62 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=20b9b72d-4be5-428b-b562-110fee7c8206&ttd_puid=4ac700bd-6645-7984-ef2b-3de1fa353eea&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=20b9b72d-4be5-428b-b562-110fee7c8206&ttd_puid=4ac700bd-6645-7984-ef2b-3de1fa353eea&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 6C1C
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjZhOGQzNzctYWYzMi0yNzIwLWZhY2ItNjc1ODMwZDdmMDhh
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6C1C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1vxdmsoyVTGqyM6acwS88&google_cver=1
43 B
122 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1vxdmsoyVTGqyM6acwS88&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1vxdmsoyVTGqyM6acwS88&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 9515
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.notateslaapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 16:38:24 GMT
x-content-type-options
nosniff
age
185949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 16:38:24 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 9515
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.notateslaapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 22:39:19 GMT
x-content-type-options
nosniff
age
596294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 22:39:19 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:32 GMT
server
ATS/9.1.10.25
view
securepubads.g.doubleclick.net/pcs/ Frame 4B01
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF6Bn47OyMRoU3YxCfdTRSR5LCa5ur9_ehZyVOPcFcqTp59-R8ILojubxixKk0vFztLWjicXi9eLusGBdrvLSOXiMoIfNJQKxzrJsj0fbALgMarn8kHEAP4KVPFcXa5iLk6dOba_DH5mpfMRhIKjUxEXPk8PUNpZX3fRz1HSm_LKU0kkCl0NqcnU8iGb2NKYgBrRltkR2WLUI_f1jB5AxYhNlykGoa-VAE6V79sc1rkoqBagY7adl_oJG8oGJYcqf3hh5oqged8sQU_vgyOEB0QQ99HpuVzQqRWaVkVhCxT2yVIrtkwkqWeeEdjXACcz307a829hYeJv-SrYBvXjcVroMe5Ww3A2j9Dqug8DlBD4mKUA&sai=AMfl-YRi5O-dhSFUJ8pBQ_kmHPdFDHuAPRz40mfu7CwtwXgOEDYxVLQ5hiK-IVAN-4SFjudRk_vH22mUgO5NrvNOx9EEQWX_vrFe5YYofs-bGIatE-hVezQiM9DiMgOSG6A9I5WIwQU1uk3YF7K4XGH7OmY&sig=Cg0ArKJSzMhetZJW4wHlEAE&uach_m=[UACH]&adurl=
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
15842465133016810807
tpc.googlesyndication.com/simgad/ Frame 4B01
43 B
104 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15842465133016810807
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 07:53:21 GMT
x-content-type-options
nosniff
age
563052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
last-modified
Wed, 30 May 2018 18:01:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 07:53:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 4B01
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 00:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
70884
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 00:36:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B01
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 20:17:33 GMT
truncated
/ Frame 4B01
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d53d874ff0037788b1b33b17b9886a3d9e78af4c885560a5271b3d7b9abf177

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
dcm
s.amazon-adsystem.com/ Frame D42A
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4-jW4WwZUQrKydWgaf8DQAAAZUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PFX11DHKAHC0REPYCJ6Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D42A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4.jW4WwZUQrKydWgaf8DQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKqb4sB-k-bxi3-Pece7Kw4&google_cver=1&google_hm=2
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKqb4sB-k-bxi3-Pece7Kw4&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKqb4sB-k-bxi3-Pece7Kw4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame D42A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4-jW4WwZUQrKydWgaf8DQAAAZUAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPDviWBHLO4TRN_UZhLpA4E&google_cver=1
43 B
842 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPDviWBHLO4TRN_UZhLpA4E&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPl6o5PLYQvwbdlzMPLu1ObXhGkZcq4njGpjuHDbmw4JPYnMm1kv3ZbnCcQazQ%2FKiBQFOR1fR4lmqZ0vVXV0423i8CI1TlCYhQxAv1HXGkwa8NrmvpNdNuTAAwndWeFoV7Lqw2dV2hCG%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7757b4ad486367c9-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPDviWBHLO4TRN_UZhLpA4E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D42A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=20b9b72d-4be5-428b-b562-110fee7c8206&expiration=1672949853&gdpr=0&gdpr_consent=
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=20b9b72d-4be5-428b-b562-110fee7c8206&expiration=1672949853&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=20b9b72d-4be5-428b-b562-110fee7c8206&expiration=1672949853&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame D42A
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0875220407bc04a94302b9e5&expiration=[EXPIRATION]
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0875220407bc04a94302b9e5&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0875220407bc04a94302b9e5&expiration=[EXPIRATION]
Date
Tue, 06 Dec 2022 20:17:23 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
crum
dsum-sec.casalemedia.com/ Frame D42A
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=31ff557f-346d-4d8e-9562-0114f1de7176
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=31ff557f-346d-4d8e-9562-0114f1de7176
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:33 GMT
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=31ff557f-346d-4d8e-9562-0114f1de7176
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D42A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=MHbgFxllIZAxE2VBBjzy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TKIMJTUM...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=MHbgFxllIZAxE2VBBjzy
43 B
764 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=MHbgFxllIZAxE2VBBjzy
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:35 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=MHbgFxllIZAxE2VBBjzy
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame D42A
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y4-jW4WwZUQrKydWgaf8DQAAAZUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K6JDS6R7B3J8XVQG5NSW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 5A51
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=gc5be86089e62789db8b
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X2Y94XQFQMNN7K52N2W3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/ Frame 5A51
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=gkpqVRvARrp_1qKxdAy9ISaEdkk&gdpr=&gdpr_consent=
43 B
333 B
Image
General
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=gkpqVRvARrp_1qKxdAy9ISaEdkk&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.231.99.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-99-187.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:35 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=gkpqVRvARrp_1qKxdAy9ISaEdkk&gdpr=&gdpr_consent=
Date
Tue, 06 Dec 2022 20:17:33 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
sync
sync-adform.ads.yieldmo.com/ Frame 5A51
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1283
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1283
  • https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=188842751989571768
43 B
324 B
Image
General
Full URL
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=188842751989571768
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.205.97.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-97-218.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:34 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=188842751989571768
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
sync-pm.ads.yieldmo.com/ Frame 5A51
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODVEQzIwNTEtNTdDQi00QUY1LThCMzgtOTg0N0EwMDk5RTk5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D85DC2051-57CB-4AF5-8B38-9847A0099E99
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=85DC2051-57CB-4AF5-8B38-9847A0099E99
43 B
762 B
Image
General
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=85DC2051-57CB-4AF5-8B38-9847A0099E99
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.205.97.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-97-218.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:37 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=85DC2051-57CB-4AF5-8B38-9847A0099E99
date
Tue, 06 Dec 2022 20:17:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.yieldmo.com/v000/ Frame 5A51
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=630481314781216515&pn_id=an
43 B
322 B
Image
General
Full URL
https://ads.yieldmo.com/v000/sync?userid=630481314781216515&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.231.99.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-99-187.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:35 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:33 GMT
AN-X-Request-Uuid
b7dd7acd-4ef7-4d93-9f7d-4d6182ab3498
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.yieldmo.com/v000/sync?userid=630481314781216515&pn_id=an
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame 5A51
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LBCNXQNN-11-M5LE
43 B
323 B
Image
General
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LBCNXQNN-11-M5LE
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.231.99.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-99-187.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:35 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LBCNXQNN-11-M5LE
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
usync.js
eus.rubiconproject.com/ Frame D5E6
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
646602d51b516d8e5462483f63a38e99d9960d569f04e1b67ed84a0cb748188a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 20:17:33 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Dec 2022 04:10:43 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28410
Connection
keep-alive
Content-Length
10066
Expires
Wed, 07 Dec 2022 04:11:03 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame B444
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B
Document
General
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.229.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-229-173.compute-1.amazonaws.com
Software
/
Resource Hash
bc6c4ce419560989deb88ec1d96d318d24ae50f301f1836ad5e9cf348e65910e

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 20:17:33 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Tue, 06 Dec 2022 20:17:33 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 20:17:33 GMT
location
/um/cs&eq_cc=1
xuid
eb2.3lift.com/ Frame 928D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=20b9b72d-4be5-428b-b562-110fee7c8206&dongle=0cfd
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=20b9b72d-4be5-428b-b562-110fee7c8206&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=20b9b72d-4be5-428b-b562-110fee7c8206&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 928D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQ4MzU0NzQ2Mjg1OTk4OTI3ODgyOQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 928D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEadntj_6GTJsMLiqEqnOVY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEadntj_6GTJsMLiqEqnOVY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEadntj_6GTJsMLiqEqnOVY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 928D
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQ4MzU0NzQ2Mjg1OTk4OTI3ODgyOQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQ4MzU0NzQ2Mjg1OTk4OTI3ODgyOQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQ4MzU0NzQ2Mjg1OTk4OTI3ODgyOQ%3D%3D
date
Tue, 06 Dec 2022 20:17:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 928D
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3483547462859989278829&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3483547462859989278829&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9a60fe37-b838-4441-8d01-6498245af41e&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9a60fe37-b838-4441-8d01-6498245af41e&_noobservation=1&_expected_cookie=da9d7f5...
43 B
164 B
Image
General
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9a60fe37-b838-4441-8d01-6498245af41e&_noobservation=1&_expected_cookie=da9d7f5aac5b6c524d4a378fe3d406b6
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Tue, 06 Dec 2022 20:17:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7757b4baf9c067da-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9a60fe37-b838-4441-8d01-6498245af41e&_noobservation=1&_expected_cookie=da9d7f5aac5b6c524d4a378fe3d406b6
date
Tue, 06 Dec 2022 20:17:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7757b4b5ef3767da-MIA
content-length
0
xuid
eb2.3lift.com/ Frame 928D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3483547462859989278829&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtrip...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=bc4452818b984146a3f3af99e6f4260a&ssp=triplelift&bsw_param=b1d435b5-77d4-4214-8692-93c49c8f540c&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://eb2.3lift.com/xuid?mid=2409&xuid=b1d435b5-77d4-4214-8692-93c49c8f540c&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=b1d435b5-77d4-4214-8692-93c49c8f540c&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=b1d435b5-77d4-4214-8692-93c49c8f540c&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Tue, 06 Dec 2022 20:17:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 928D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3483547462859989278829?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.wRvKXFE2oRzb2iybCZx4EtRgcv5nNx3XkC5ac5aWg--~A&dongle=0883
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.wRvKXFE2oRzb2iybCZx4EtRgcv5nNx3XkC5ac5aWg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 06 Dec 2022 20:17:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.wRvKXFE2oRzb2iybCZx4EtRgcv5nNx3XkC5ac5aWg--~A&dongle=0883
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 928D
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3483547462859989278829
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

c.gif
c.bing.com/ Frame 928D
42 B
666 B
Image
General
Full URL
https://c.bing.com/c.gif?xid=3483547462859989278829&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:33 GMT
last-modified
Thu, 13 Oct 2022 20:05:21 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 18588CAE6F254CE7B324B7FCEE62928E Ref B: MIAEDGE1817 Ref C: 2022-12-06T20:17:34Z
etag
"b656771f3fdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 928D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=630481314781216515&dongle=4d58&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=630481314781216515&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:34 GMT
AN-X-Request-Uuid
96be0b9b-794c-43f6-9323-ae2e850dec89
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=630481314781216515&dongle=4d58&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid-server.rubiconproject.com/ Frame 928D
0
572 B
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=triplelift&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=b&uid=3483547462859989278829
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:33 GMT
server
ATS/9.1.10.25
auction
prebid-server.rubiconproject.com/openrtb2/
367 B
525 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
635127efc3432b97b13e89fdc3d86de186bb7ca7e3d71da1ee17d33af68ad62e

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:35 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
287
expires
0
bid-request
a.teads.tv/hb/
16 B
393 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:33 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 06 Dec 2022 20:17:33 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
513 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185762&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22336080d8e54512e6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%3F%23PD%3Adesktop%23HVP%3A0%23Source%3Adirect%23Browser%3AChrome%23Topic%3AAuto%23Topic%3ATech%23MCMP%3Aiabc_1%23Sens%3Aalc%23Sens%3Aast%23Sens%3Acbd%23Sens%3Aconl%23Sens%3Acosm%23Sens%3Adat%23Sens%3Adlu%23Sens%3Adrg%23Sens%3Agamc%23Sens%3Agamv%23Sens%3Agrq%23Sens%3Apol%23Sens%3Arel%23Sens%3Asst%23Sens%3Assr%23Sens%3Asrh%23Sens%3Aske%23Sens%3Atob%23Sens%3Awtl%23vp%3A0%23AFOI_2020%3ATrue%23CNST_2021%3ATrue%23DDIG_21%3ATrue%23DEOI_2021%3ATrue%23DSVR_2021%3ATrue%23EXHFCE_2021%3ATrue%23FBSL_2022%3ATrue%23GCREF%3ATrue%23GLDM_2021%3ATrue%23HRSHW_2022%3ATrue%23MSFTA_2022%3ATrue%23NSTLE_22%3ATrue%23SF_RN_122019%3ATrue%23TGNAF_21%3ATrue%23TRGT_022020%3ATrue%23TYTA_22%3ATrue%23VITFM_21%3ATrue%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A6%2C%22msi%22%3A6%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fmail.notateslaapp.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A1%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Content_2%2F6086f736fa0c1f0c8270ab14%22%2C%22adunitcode%22%3A%22AdThrive_Content_2_desktop%22%2C%22divId%22%3A%22AdThrive_Content_2_desktop%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22337aa9e77c8e8f4c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185762%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185762%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22185762%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185762%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22185762%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22185762%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185762%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22185762%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22185762%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A552%2C%22h%22%3A334%2C%22ext%22%3A%7B%22siteID%22%3A%22185762%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F18190176%2FAdThrive_Content_2%2F6086f736fa0c1f0c8270ab14%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Content_2%2F6086f736fa0c1f0c8270ab14%22%2C%22tid%22%3A%22dd887fcb-4b7f-4c88-8eaf-05370f99194e%22%2C%22sid%22%3A%224_6%22%7D%2C%22bidfloor%22%3A0.3847%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%2297a65491-9853-4e6f-baa7-39b5de92a236%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2618ddd431518fca8ae077fe954bf6e98aa4e3e1e9dc59efa360fb57a4697b01

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdaq6uPeUxjaTXTZ8ub%2BTfxBXQZM%2BzWr0j4%2FLdV%2FY4KSSogaC%2FOeMHKSyI71BfNAEm0hkR9yrYx87LOhwh9xM7XAJ4xPjXMLEl1kiHysNfQ0qsD%2F3jBMDD0Q6fBglx80pXYFnSla"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7757b4a85f17b3bf-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
bid
krk.kargo.com/api/v2/
2 B
656 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2264aa31a5-eca6-4058-bd8c-7b39543aa4ad%22%2C%22requestCount%22%3A5%2C%22timeout%22%3A2800%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1670357853415%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22342eb0e5a250df8f%22%3A%22_mfu14jCkaN%22%7D%2C%22bidSizes%22%3A%7B%22342eb0e5a250df8f%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B336%2C280%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C300%5D%2C%5B552%2C334%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mfu14jCkaN%22%7D%2C%22auctionId%22%3A%2271cff08f-72d3-49fb-8613-1ce8e3a29fb4%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A10%2C%22modelVersion%22%3A%22cw-cafemedia%402022-12-05-20%22%2C%22modelWeight%22%3A70%2C%22modelTimestamp%22%3A1670270400%2C%22location%22%3A%22setConfig%22%2C%22floorProvider%22%3A%22rubicon%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F18190176%2FAdThrive_Content_2%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Content_2%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22tid%22%3A%22dd887fcb-4b7f-4c88-8eaf-05370f99194e%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Content_2%2F6086f736fa0c1f0c8270ab14%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B336%2C280%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C300%5D%2C%5B552%2C334%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22AdThrive_Content_2_desktop%22%2C%22transactionId%22%3A%22dd887fcb-4b7f-4c88-8eaf-05370f99194e%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B336%2C280%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C300%5D%2C%5B552%2C334%5D%5D%2C%22bidId%22%3A%22342eb0e5a250df8f%22%2C%22bidderRequestId%22%3A%22341ab2a9c102314d%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.09999942779541016%5D%2C%22userId.mod.init%22%3A%5B0.6999998092651367%2C1.6000003814697266%2C0.20000076293945312%2C0%2C3.6999998092651367%2C0.09999942779541016%2C0.8000001907348633%5D%2C%22userId.mods.connectId.init%22%3A%5B0.6999998092651367%5D%2C%22userId.mods.criteo.init%22%3A%5B1.6000003814697266%5D%2C%22userId.mods.id5Id.init%22%3A%5B0.20000076293945312%5D%2C%22userId.mods.identityLink.init%22%3A%5B0%5D%2C%22userId.mods.sharedId.init%22%3A%5B3.6999998092651367%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999942779541016%5D%2C%22userId.mods.fabrickId.init%22%3A%5B0.8000001907348633%5D%2C%22userId.init.modules%22%3A%5B9.5%5D%2C%22requestBids.usp%22%3A0.09999942779541016%2C%22requestBids.priceFloors%22%3A1%2C%22requestBids.userId%22%3A0.5999994277954102%2C%22requestBids.validate%22%3A2.40000057220459%2C%22requestBids.makeRequests%22%3A5.800000190734863%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%2297a65491-9853-4e6f-baa7-39b5de92a236%22%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-108-184.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:33 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
18 B
318 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.18.0&cb=39049040515&lsavail=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/
19 B
740 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.notateslaapp.com%2F&tmax=2800&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.146.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-146-96.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:33 GMT
accept-ch
user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect
x-auction-status
7
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
cafemedia-d.openx.net/w/1.0/
188 B
197 B
XHR
General
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.notateslaapp.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=dd887fcb-4b7f-4c88-8eaf-05370f99194e&nocache=1670357853450&scsm=cafemedia.com%2F6%3A1&us_privacy=1---&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C97a65491-9853-4e6f-baa7-39b5de92a236%2C%2C&aus=300x250%2C320x50%2C336x280%2C300x50%2C320x100%2C468x60%2C250x250%2C1x1%2C300x300%2C552x334&divids=AdThrive_Content_2_desktop&aucs=%252F18190176%252FAdThrive_Content_2%252F6086f736fa0c1f0c8270ab14&auid=538699865&tps=c2Vucz1hbGMsYXN0LGNiZCxjb25sLGNvc20sZGF0LGRsdSxkcmcsZ2FtYyxnYW12LGdycSxwb2wscmVsLHNzdCxzc3Isc3JoLHNrZSx0b2Isd3RsJmJ1Y2tldD1iZXRhMTpvdnJkJmhpX2F1PQ%3D%3D&aumfs=370
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1b8a1e0af4fa9dc8e308f3a9be19421aea123736b829d7427893bfd93f4dd8e4

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
283 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a96918c0177771bc652204531fe0091&cmd=bid&sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
bd80356efd749b6f368d6d4d51b80576dda7ef0affe8f1d325929e301ae57d7b

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:33 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/
0
63 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
752 B
810 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881400&size_id=15&alt_size_ids=1%2C14%2C16%2C43%2C44%2C48%2C117%2C221&us_privacy=1---&rp_schain=1.0,1!cafemedia.com,6086f736fa0c1f0c8270ab14,1,97a65491-9853-4e6f-baa7-39b5de92a236,,&eid_pubcid.org=996b3fe4-cfc2-4673-b5fd-f5099e120d17%5E1&rf=https%3A%2F%2Fwww.notateslaapp.com%2F&tg_i.iab=1&tg_i.site_code=AFOI_2020%2CCNST_2021%2CDDIG_21%2CDEOI_2021%2CDSVR_2021%2CEXHFCE_2021%2CFBSL_2022%2CGCREF%2CGLDM_2021%2CHRSHW_2022%2CMSFTA_2022%2CNSTLE_22%2CSF_RN_122019%2CTGNAF_21%2CTRGT_022020%2CTYTA_22%2CVITFM_21&tg_i.site_id=6086f736fa0c1f0c8270ab14&tg_i.sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&tg_i.verticals=Auto%2CTech&tg_i.pmp_elig=true&tg_i.mcmp=iabc_1&tg_i.refresh=false&tg_i.vp=0&tg_i.pbadslot=%2F18190176%2FAdThrive_Content_2%2F6086f736fa0c1f0c8270ab14&tk_flint=pbjs_lite_v7.18.0&x_source.tid=dd887fcb-4b7f-4c88-8eaf-05370f99194e&l_pb_bid_id=354ff0057d20b115&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.37&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Content_2%2F6086f736fa0c1f0c8270ab14&slots=1&rand=0.5696545097450656
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
86648e3d719ec4241881ad3288ea66ded0941e14d3c3c6f0cb3b33f80186c888

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:33 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
752
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
97 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
718b64a56a1347a3e26ad729b15c32130635ced9c6363c71fb82ede6c5469a25

Request headers

Referer
https://mail.notateslaapp.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:33 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/
140 B
991 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0ed9f50ebd146a91e79142b120d8cff70ac1ebae98533cadc434b164dbb24684
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:33 GMT
AN-X-Request-Uuid
117e94e2-6ee9-46f3-852e-a822b78fb4f2
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:33 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:33 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:33 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:33 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
cafemedia
direct.adsrvr.org/bid/bidder/
0
405 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:32 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/
2 B
248 B
XHR
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.123 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:33 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
ads
securepubads.g.doubleclick.net/gampad/
47 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1113482156589776&correlator=2159333212404583&eid=31070873%2C31071149&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=18190176%3A22569774571%2CAdThrive_Content_1%2C6086f736fa0c1f0c8270ab14&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C320x50%7C336x280%7C300x50%7C320x100%7C468x60%7C250x250%7C1x1%7C300x300%7C552x334&fluid=height&ifi=6&adks=728848274&didk=472767859&sfv=1-0-40&fsbs=1&prev_scp=location%3DContent%26sequence%3D1%26id%3DAdThrive_Content_1_desktop%26ATF%3Dtrue%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26hvp%3D60%26inf_scroll%3D1%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dfv%253A0%2Chbf%253A0&eri=5&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A466%252Cpmp_elig%253A1%252Cclson%253Afalse%252CclsBranch%253A%252CclsBucket%253A%252Clmdv%253A1.13.0%252Cidp%253Ash%252Crf%253A0%26siteId%3D6086f736fa0c1f0c8270ab14%26organizationId%3D6233884d998a8b7088d720e4%26siteName%3DTesla%2520Software%2520Updates%26verticals%3DAuto%252CTech%26abgroup%3Dwvtls%253Aon%252Ctpcapi%253Aon%252Camzn_hold_load%253Aoff%252Cflr%253Arubi%252Cflrdt%253Anone%252Cclsins_ss%253Atrue%252Cebho%253Ayieldmo_ebda%252Cloglevel%253Aoff%252Cidho%253Aoff%252Clzhb%253Aon%252Clzcvp%253A2%252Clzbpvp%253A0.75%252Ctripleliftdr%253Aboth%252Cmagnitedr%253Aclient%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_grid%253Aon%252Cpbs2s_gumgum%253Aoff%252Cpbs2s_openx%253Aoff%252Cadt%253A0%252Cito_ds%253A2800%252C3pho%253Anone%252Cvebho%253Amedianet_ebda%252Ccbt%253A0s%252Cvast_to%253A10s%252Cproto%253Aall%252Cpbm%253Aon%252CreqTo%253A10%252Cvadv%253Aon%252Csmhd100%253Aoff%252Csmad300%253Aon%252Cdcsll%253Aoff%252Cjwb%253Aon%252Cs2sbuff%253A300%252Ccoldr%253Aboth%252Crmos1%253Aoff%252Csocon%253A0%252Cdco%253Arelaxed%252Cmxrpog%253A5%252Cdajto%253Aoff%252Cvpred_1%253A90%252Ccrtvmon%253Aoff%252Cpba%253Anone%252Camzn_hold_disp%253Aoff%252Cbmetrics%253Aon%252Cconfiant%253Aprod%252Ccnfep%253Aon%252Crefvidflr%253A1%252Csocbe%253Asovpct2%252Clogcls%253Aoff%252Crebuildslot%253Aon%252Cupl%253Aoff%252Csekho%253Aoff%252Csospp%253Aon%252Crmosnv1%253Aoff%26bucket%3Dbeta1%253Aovrd%26sens%3Dalc%252Cast%252Ccbd%252Cconl%252Ccosm%252Cdat%252Cdlu%252Cdrg%252Cgamc%252Cgamv%252Cgrq%252Cpol%252Crel%252Csst%252Cssr%252Csrh%252Cske%252Ctob%252Cwtl%26domain%3Dmail.notateslaapp.com%26plugin%3Dadthrive-ads-1.0.43-manual%26hi_au%3Dod%252Com%26vpwxvph%3D1600x1200%26ri%3D38%26pvk%3D01GKMHC4ACP2NW24G3NES42JG8%26sess%3D01GKMHC4AC8WZPTG7R81MC0H70%26branch%3Db1d93de%26deployment%3Dade-454%253Apr2851%253Abeta1%253Ab1d93de%253Aexp%26hbho%3Dconversant%252Cnativo%26vbho%3Dtelaria%26gptv%3D2022120101%26connection%3Dniet%253A4g%252Cdl%253A9.9%26fpv%3D1%26mcmp%3Diabc_1%26site_code%3DAFOI_2020%252CCNST_2021%252CDDIG_21%252CDEOI_2021%252CDSVR_2021%252CEXHFCE_2021%252CFBSL_2022%252CGCREF%252CGLDM_2021%252CHRSHW_2022%252CMSFTA_2022%252CNSTLE_22%252CSF_RN_122019%252CTGNAF_21%252CTRGT_022020%252CTYTA_22%252CVITFM_21%26marmalade%3Dtrue&sc=1&cookie=ID%3D99fcdbc37be7c6a2%3AT%3D1670357851%3AS%3DALNI_MaUE578Ct6HrwkWKDEawnCUTvQ3QQ&gpic=UID%3D00000577a206ce35%3AT%3D1670357851%3ART%3D1670357851%3AS%3DALNI_MYCOU4igVufYm8XkPukE8gr9c91oA&abxe=1&dt=1670357853672&dlt=1670357846833&idt=1993&adxs=430&adys=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.notateslaapp.com%2F&frm=20&vis=1&psz=660x7075&msz=660x250&fws=0&ohw=0&psts=AMjMPc1mjJ2mvMkpawzY4PTaCwJKkPvjbHbPz3rZTKLnfAiLGNtVeFLrcnlhoqpdpwjKJW4PkDbft7NgKwaJbo-UczwWYS0U7aCbmQ%2CAMjMPc0ejTN65aBuLIOuiXOjG3gy6i82jUGYxYarG_YFVH4VNOmmACxGijThxBqFTT74alCKYjv9QnQAyAs4vAvdPV8-jT8WthuZtQ&ga_vid=355545597.1670357848&ga_sid=1670357851&ga_hid=1721253892&ga_fc=true&cbidsp=CpYFCAESEQoIdHJpcGxfc3MQiwkgAjgCEg0KBGdyaWQQiwkgAjgCEhMKCmJyaWdodHJvbGwQiwkgAjgCEhAKB3B1Ym1fc3MQiwkgAjgCEhAKB3lpZWxkbW8QiwkgAjgCEhEKCDMzYWNyb3NzEIsJIAI4AhIPCgZ1bnJ1bHkQiwkgAjgCEg8KBmNvbF9zcxCLCSACOAISDAoFdGVhZHMQ0gogAhIJCgJpeBDQCiACEgkKAml4ENAKIAISCQoCaXgQ0AogAhIJCgJpeBDQCiACEgkKAml4ENAKIAISCQoCaXgQ0AogAhIJCgJpeBDQCiACEgkKAml4ENAKIAISCQoCaXgQ0AogAhIJCgJpeBDQCiACEgkKAml4ENAKIAISCQoCaXgQ0AogAhIMCgVrYXJnbxDTCiACEgwKBmNyaXRlbxAAIAISEQoKdHJpcGxlbGlmdBDHCiACEgwKBW9wZW54EMkKIAISDgoHdmVyaXpvbhDJCiACEg8KCHB1Ym1hdGljEMkKIAISDgoHcnViaWNvbhC6CiACEg8KCHlhaG9vc3NwELkKIAISDwoIYXBwbmV4dXMQwwogAhIPCghhcHBuZXh1cxDDCiACEhMKDHNoYXJldGhyb3VnaBDNCyACEhMKDHNoYXJldGhyb3VnaBDNCyACEhMKDHNoYXJldGhyb3VnaBDNCyACEhMKDHNoYXJldGhyb3VnaBDNCyACEgoKA3R0ZBDMCyACEg8KCGNvbG9zc3VzEMoLIAISDQoHcm91bmRlbBABIAISDQoHcm91bmRlbBABIAISDQoHcm91bmRlbBABIAIYAiIkZDM4NmYyNWItOTNjMS00NDVkLTg4MTYtZjM3NWEyNWFhMmFhKgQIAyAASgBAxBM.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35e29252dafb90e3154c19f560ddc1727f0f85b518cf864138e140fb42a155b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11517
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 4001
221 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Dec 2022 20:39:09 GMT
age
430705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Dec 2023 20:39:09 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4001
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Dec 2022 20:39:09 GMT
age
430705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Dec 2023 20:39:09 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4001
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Dec 2022 20:39:09 GMT
age
430705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Dec 2023 20:39:09 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4001
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Dec 2022 20:39:09 GMT
age
430705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Dec 2023 20:39:09 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4001
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Dec 2022 20:39:09 GMT
age
430705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Dec 2023 20:39:09 GMT
css
fonts.googleapis.com/ Frame 4001
8 KB
895 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Dec 2022 20:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 20:13:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Dec 2022 20:17:33 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4001
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 20:39:09 GMT
x-content-type-options
nosniff
server
cafe
age
85104
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:39:09 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4001
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 20:39:09 GMT
x-content-type-options
nosniff
server
cafe
age
85104
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:39:09 GMT
l
www.google.com/ads/measurement/ Frame 4001
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaREiHgJR_40iGQ0-gbtAp-N9KmkM7YoiSkbCKtvZInEZn4WTrvIqu89TqblOwaGxfn24lq_DyT6vdKrVoVBHzZhrfVXGQ
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 4001
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CeCvxXKOPY_XaGMDao9kPiIGEsAmdlY--bYvJ-bbjEOajtvmfGhABIKivqhVgyYaAgNyjxBCgAY7qmZEByAEB4AIAqAMByAMKqgT_AU_QHjmqHkI6k8NhRTGUQHNKLKExu3WcFS1XzX-Y1vEOvmDdghaNwjjmDrpXJ5yJDMNMAn4SZ5aMRKG8TxVXHUXQU1OgZ6RQuhIl9c8BUa_53nOGHMf-VlkmSp23HzZnRs33IhjeuXHGFNoaS7aeiIH7iCuMzBSdxRszuMpeGHEKEzmbXtQPelWwuVoksEO6cdcQrYBOUmE03xgPvPMwo9jQIOizRbiNbNL66xvlLSVbujlnEhnuOxIWZM70-jEs6gLv50A9x5oI5QY9Cadsz0H_hG32Kh3ahEZQIRBn7xjhp1XoImcvkS7wt3Hr2tBlokAUqdWvDpAlzW7rXaYqi8AE_PzAq50E4AQBgAfalebuAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL7jD9IIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNDQ1MjQ4MzE5OTMwOTk1MIAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi04NTAxNjc0NDMwOTA5MDgyGMDgEA&sigh=aU8NdNgZN-Q&uach_m=[UACH]&cid=CAQSPADq26N9_RGkHfqEiVw2hkledM0Le23qWUnyqmi_zVirmDBQz2NbqDPh8b2ZgLg1JJdVcQPM_4vTs0-sVRgBIBM
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

truncated
/ Frame 4001
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb1d5fc3b8af87301d2ba5085dd4d700adaa30e8d32f5e5026d0150d773e2426

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
usersync
usersync.gumgum.com/ Frame 5B21
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=630481314781216515
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=630481314781216515
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:34 GMT
AN-X-Request-Uuid
c618b410-4081-45f0-908f-dbf7e563acf2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=630481314781216515
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 5B21
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_db53a96b-9455-4d40-85d9-23765280425c&gdpr=&gdpr_consent=&us_privacy=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=67cb9b99-3a57-4146-9a8a-a2de4dfc0a31&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=b1d435b5-77d4-4214-8692-93c49c8f540c
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=b1d435b5-77d4-4214-8692-93c49c8f540c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:37 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=b1d435b5-77d4-4214-8692-93c49c8f540c
Date
Tue, 06 Dec 2022 20:17:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 5B21
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-824a6a55-1bc0-46ba-7fd6-a2b1740cbd21$ip$38.132.118.73
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-824a6a55-1bc0-46ba-7fd6-a2b1740cbd21$ip$38.132.118.73
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-824a6a55-1bc0-46ba-7fd6-a2b1740cbd21$ip$38.132.118.73
Date
Tue, 06 Dec 2022 20:17:34 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 5B21
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_db53a96b-9455-4d40-85d9-23765280425c&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=MHbgFxllIZAxE2VBBjzy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVGUQYTHIZ4GY3CJLJAXQRJSKZBEE2T2PE
  • https://usersync.gumgum.com/usersync?b=zem&i=MHbgFxllIZAxE2VBBjzy
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=MHbgFxllIZAxE2VBBjzy
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:36 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=MHbgFxllIZAxE2VBBjzy
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 5B21
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1670357855490
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7282882960
  • https://sync.1rx.io/usersync/tradedesk/20b9b72d-4be5-428b-b562-110fee7c8206
  • https://sync.targeting.unrulymedia.com/csync/RX-a2d0274a-909f-4f09-a395-d674db312b81-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-a2d0274a-909f-4f09-a395-d674db312b81-005
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-a2d0274a-909f-4f09-a395-d674db312b81-005
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-a2d0274a-909f-4f09-a395-d674db312b81-005
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:37 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Tue, 06 Dec 2022 20:17:37 GMT
Server
Tengine
ETag
RXa2d0274a909f4f09a395d674db312b81005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-a2d0274a-909f-4f09-a395-d674db312b81-005
Content-Type
text/html
Connection
keep-alive
usersync
usersync.gumgum.com/ Frame 5B21
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=acZWaNvTdeQY&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=acZWaNvTdeQY&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=acZWaNvTdeQY&ev=1&pid=558355
content-language
en-US
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-846b69b469-65rl5
expires
-1
cookie-sync
sync.outbrain.com/ Frame 5B21
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28K-SDXojajB2-snY3c5BXNXeVquph3jfgBLSLiArJztDZTJaBVqSUHcRmRnOIX6bt%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_db53a96b-9455-4d40-85d9-23765280425c&obuid=ENC(K-SDXojajB2-snY3c5BXNXeVquph3jfgBLSLiArJztDZTJaBVqSUHcRmRnOIX6bt)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1$CMP
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 20:17:37 GMT
Cache-Control
no-cache
X-TraceId
9988037aee485add541f174386572efe
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
241
usersync
usersync.gumgum.com/ Frame 5B21
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=bdfaa4cd-4e50-41d2-8850-2d0c32653fac
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=bdfaa4cd-4e50-41d2-8850-2d0c32653fac
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 06 Dec 2022 20:17:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=bdfaa4cd-4e50-41d2-8850-2d0c32653fac
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 5B21
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-BpyCvmRE2pfBRHSGZZtdsDdDwQVH4yr08C5E~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-BpyCvmRE2pfBRHSGZZtdsDdDwQVH4yr08C5E~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 06 Dec 2022 20:17:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-BpyCvmRE2pfBRHSGZZtdsDdDwQVH4yr08C5E~A
content-length
0
usersync
usersync.gumgum.com/ Frame 5B21
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=b3e62e8c-aadf-47bc-b1b5-84d2640b9384
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=b3e62e8c-aadf-47bc-b1b5-84d2640b9384
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=b3e62e8c-aadf-47bc-b1b5-84d2640b9384
Date
Tue, 06 Dec 2022 20:17:35 GMT
Connection
keep-alive
X-CI-RTID
55d6a490-cb91-4b62-b6c9-70a3c08cec07
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 5B21
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=D7B9D9F680BC46E187FAFC0A2559F152
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=D7B9D9F680BC46E187FAFC0A2559F152
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 06 Dec 2022 20:17:35 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
64308353
location
https://usersync.gumgum.com/usersync?b=snc&i=D7B9D9F680BC46E187FAFC0A2559F152
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 5B21
0
222 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:34 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 5B21
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=106821f5-3053-473b-bce8-72435f5b3091
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=106821f5-3053-473b-bce8-72435f5b3091
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:37 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=106821f5-3053-473b-bce8-72435f5b3091
access-control-allow-origin
*
date
Tue, 06 Dec 2022 20:17:36 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 5B21
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=761917122711880150
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=761917122711880150
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:37 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=761917122711880150
date
Tue, 06 Dec 2022 20:17:36 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 5B21
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_db53a96b-9455-4d40-85d9-23765280425c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SCE8SDFHPEDGAA00FNZF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame C6C7
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=2713539e-0a1b-4190-9dfd-efdcecb5be29
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
46TEA2XXWKTAMXA4MG93
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame C6C7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2...
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=84a4f580-d401-4469-aa80-1babf0fe9c82
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=84a4f580-d401-4469-aa80-1babf0fe9c82
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.92.113.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-113-255.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:35 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Tue, 06 Dec 2022 20:17:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=84a4f580-d401-4469-aa80-1babf0fe9c82
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v1
match.sharethrough.com/sync/ Frame C6C7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.92.113.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-113-255.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:35 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame C6C7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212050011722259
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212050011722259
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.92.113.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-113-255.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:35 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:34 GMT
referrer-policy
unsafe-url
server
33XP013
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212050011722259
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
v1
match.sharethrough.com/sync/ Frame C6C7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=MHbgFxllIZAxE2VBBjzy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DC...
  • https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=MHbgFxllIZAxE2VBBjzy
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=MHbgFxllIZAxE2VBBjzy
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.92.113.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-113-255.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:36 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:36 GMT
Content-Type
text/html; charset=utf-8
Location
https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=MHbgFxllIZAxE2VBBjzy
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
147
Expires
Thu, 01 Dec 1994 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A669
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuh6qgrusMSZ5gLTpXGVfaLbRRpt0_dJDDB1aOVDI7b1jK67nv7e5COjNIyECNcSYwBa1hT00WjmnH_JkOG7apKnVr__alrly12olbMi84OtoLzWVxMCXmddCEDM9PIaBEC63uHOLKSIx0YQVDRI9oHVOsS_w1c0-KTEwhxnstlOeKzsQPj4Xak5vzKVfLQ0XkBMS882EDTxefMe073rszJZZD0zfGc-ooqKv6MVKYErJfcMYoG4DPiByssQKBurnkge7U8dnwqbVoKYo-hU4bKaIqDtkm-NCat5wMbxsxxSsqWUPFdooUkAl-EhiQSX4b4E4QrURyjTYiCtWTAFfleau_MUj1i80YfRXC347AgcC65Ew&sai=AMfl-YTbfjDmhr2Qg1mwTz3REc7NXuBfmOIppPx0zqA7-_o68GiqJ_jX36WFxIttGpzCH3b7LbIk4oOSxiZOWFsIvqZkHRNPSiVHCC6qQEIeS-ZOcawNpAXIP82TiQ466J-U1w4sErwukejCUL3nUe2TqdU&sig=Cg0ArKJSzPJFTlD_H1yeEAE&uach_m=[UACH]&adurl=
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
15842465133016810807
tpc.googlesyndication.com/simgad/ Frame A669
43 B
69 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15842465133016810807
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 07:53:21 GMT
x-content-type-options
nosniff
age
563053
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
last-modified
Wed, 30 May 2018 18:01:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 07:53:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame A669
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 00:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
70885
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 00:36:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A669
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 20:17:34 GMT
truncated
/ Frame A669
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8194abbf5e7474a91716c57fa1249c78ca5c7abf9563c2a5ed476ba1b6465dba

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
crum
dsum-sec.casalemedia.com/ Frame B444
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=316bc75a-6356-4d28-90e2-26d46825b1d2&expiration=1678133853
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
usersync
usersync.gumgum.com/ Frame 3C7C
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-8ecbq4TvVHhIvZpG6uftSXWbGT0sPgb2CB3elwpomA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=inm&i=ID5-8ecbq4TvVHhIvZpG6uftSXWbGT0sPgb2CB3elwpomA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Dec 2022 20:17:35 GMT
Expires
0
Pragma
no-cache

Redirect headers

date
Tue, 06 Dec 2022 20:17:34 GMT
location
https://usersync.gumgum.com/usersync?b=inm&i=ID5-8ecbq4TvVHhIvZpG6uftSXWbGT0sPgb2CB3elwpomA
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1FDF
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157724
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 20:17:34 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 08 Dec 2022 16:06:18 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame E8E9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=20b9b72d-4be5-428b-b562-110fee7c8206
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=20b9b72d-4be5-428b-b562-110fee7c8206
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Dec 2022 20:17:35 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Tue, 06 Dec 2022 20:17:34 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=20b9b72d-4be5-428b-b562-110fee7c8206
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame CFC5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=d460638f-a35f-4400-9851-98d66543df75&gdpr=&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=d460638f-a35f-4400-9851-98d66543df75&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Dec 2022 20:17:35 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 06 Dec 2022 20:17:35 GMT
Expires
Tue, 06 Dec 2022 20:17:34 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master ord-pixel-x58 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=d460638f-a35f-4400-9851-98d66543df75&gdpr=&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 53A9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=Y4_jXQAB-6N2IwAo&gdpr=&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y4_jXQAB-6N2IwAo&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Dec 2022 20:17:35 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 06 Dec 2022 20:17:34 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y4_jXQAB-6N2IwAo&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mia11360-MIA
x-timer
S1670357854.384488,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 725F
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9kYjUzYTk2Yi05NDU1LTRkNDAtODVkOS0yMzc2NTI4MDQyNWM=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 20:17:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 7643
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=630481314781216515&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWF...
  • https://usersync.gumgum.com/usersync?b=emx&i=630481314781216515brt53491670357855485780b3
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=630481314781216515brt53491670357855485780b3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Dec 2022 20:17:36 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Tue, 06 Dec 2022 20:17:35 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=630481314781216515brt53491670357855485780b3
usersync
usersync.gumgum.com/ Frame F5FF
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y4.jX8Co5sIAAG38AX8AAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y4.jX8Co5sIAAG38AX8AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Dec 2022 20:17:35 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 06 Dec 2022 20:17:35 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y4.jX8Co5sIAAG38AX8AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
4
X-SO-Cluster-ID
0
X-SO-HostName
m-ad130.dc4p.scaleout.jp
X-SO-IP
38.132.118.73
X-SO-Key
Y4.jX8Co5sIAAG38AX8AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.73","key":"Y4.jX8Co5sIAAG38AX8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad130"}
X-SO-LB-Hostname
a-tgng40004.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad130
usersync
usersync.gumgum.com/ Frame E424
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y4.jW4WwZUQrKydWgaf8DQAA%26405
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y4.jW4WwZUQrKydWgaf8DQAA%26405
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Dec 2022 20:17:35 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7757b4ada96567c9-MIA
content-length
0
date
Tue, 06 Dec 2022 20:17:34 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y4.jW4WwZUQrKydWgaf8DQAA%26405
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mw%2BvOPqChIiW%2FuzPExH5XnnZt9%2Bpiu13mvoi26OpXq0e3o2E80XL2ck9t9Vd3vGkF%2Fn0qenLQ0L7rKjk0qLQAYHTOK4i4QyZpMmbMs1jASQ8gObsnqLGFCuMaR7iTN6TqzjPANg16PcgrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 043A
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=SLlbXMgQTt2RTMWCN2sl&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=SLlbXMgQTt2RTMWCN2sl&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Dec 2022 20:17:37 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 06 Dec 2022 20:17:36 GMT Tue, 06 Dec 2022 20:17:36 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=SLlbXMgQTt2RTMWCN2sl&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame B8EB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Dec 2022 20:17:35 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 06 Dec 2022 20:17:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4001
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.notateslaapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 10:24:40 GMT
x-content-type-options
nosniff
age
381174
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 10:24:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ED5C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNC4dVQ_6GinUPBUaJHuvHqXcH0mne_WqhMkvmPSPhxD3lPNc9lSyg7M5sqbTJpNLwZbPizm6-_r5N12nvzbWIAk1xmWRhw9tlA4K-s88WCIzGN8JzthGiydbeTi-uLVRjuCdHfSOLS09Ft4zEkgO9gK6E7ACxYWmzJZwAmr8gCC1YzYWj6Xfw94onS_1VgOYgdYMV9LpId6Zp1nZg-0gOTg4QZzRMRlRJEsY9Zp6feSgkLE5gs13B4dcKUI_oH8S8zdxpDw6bx9zrj0LCyaRosnMhtgWmyHV5xek6tQZ3ROFq5JzZgEZSpDZU4RDSNE14wQ-aQm3JFh-YZ1hzuNQa73P9YywS8kSeTxHiCeU0YIwg0gk&sai=AMfl-YTFYdR8zUoaJPa31GJmI7tXkdFhbEamyJf6dywVqwvNCziQN6emcdYLX3YUY_ExXz_NG8lleK_kjvYTe26W3-9fnqbE18nYtQteOoyrmvQ5rpJnurPjuHnIwnL9dlRQ2u7FhHVsLNlIqs_2Zn8V1EU&sig=Cg0ArKJSzLLgYRWaINbWEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:17:34 GMT
tag
pandg.tapad.com/ Frame EF60
370 B
930 B
Document
General
Full URL
https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fmail.notateslaapp.com%2F&owner=P%26G&bp_id=cafemedia&initiator=js
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
415e9c01447088181ce86f7c294179c92cf8abba5a26723f7aec64e7f9a1b439
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org https://sync.mathtag.com
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org https://sync.mathtag.com
content-type
text/html;charset=utf-8
date
Tue, 06 Dec 2022 20:17:35 GMT
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security
max-age=31536000
via
1.1 google
/
geo.privacymanager.io/
30 B
595 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-21.iad66.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 07:47:16 GMT
via
1.1 b3169f8fae0104e39a0a9728b6537e08.cloudfront.net (CloudFront), 1.1 6bcd5dba28bbc19dcd3f4c10e978e8ee.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4, IAD66-C2
age
45019
x-amzn-requestid
8a542138-c38f-4994-872e-34dccaea89e9
x-amzn-trace-id
Root=1-638ef384-6b9b402a3e11cab369a9dbf2;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
ctr8rH35joEF_Ag=
content-length
30
x-amz-cf-id
4SBtsZfaxLrj1WbDvGwGPcHIjLHlalhDwJ9kducj0KzJ9II6UEsCaw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.notateslaapp.com%2F&domain=mail.notateslaapp.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=oozYtHxDOEJkbmFDVjA5cWlTaXZ1RXU1ZG53SWF1OTNmbzJJRENxNmY1K0VzSUdmcGYxMDRobThvRFgyRk5BSnV6Z3BUWllKNTExRHpmRmt4RXhJVmZwRGRGdS9nbDZtdmVhQzdRRTlHT3FQV0lsVit4WlNjOG1Za2wval...
356 B
643 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=oozYtHxDOEJkbmFDVjA5cWlTaXZ1RXU1ZG53SWF1OTNmbzJJRENxNmY1K0VzSUdmcGYxMDRobThvRFgyRk5BSnV6Z3BUWllKNTExRHpmRmt4RXhJVmZwRGRGdS9nbDZtdmVhQzdRRTlHT3FQV0lsVit4WlNjOG1Za2wvalZNSUo2WlpqL21JVnUvOWRiRXJJNG1zWXhzWHFTbGpSYWQ3WFU4WGNZN0NidjE0amljQVhtUXFsaWxoNGp6R0lQNjVZR3N1WEdVb1M3bUk5bWkxZVdVRmYzR2poOW1JS3UxOUg5TWtkWFBwOHFDUWc4VlgwS25PVHNMOHB4clNuMDUzWGZlaEZPfA&cppv=2
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7a1d708a763a13c02895ace61129b114acc93f5602c36557f9b41b1129200212
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1224182
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=oozYtHxDOEJkbmFDVjA5cWlTaXZ1RXU1ZG53SWF1OTNmbzJJRENxNmY1K0VzSUdmcGYxMDRobThvRFgyRk5BSnV6Z3BUWllKNTExRHpmRmt4RXhJVmZwRGRGdS9nbDZtdmVhQzdRRTlHT3FQV0lsVit4WlNjOG1Za2wvalZNSUo2WlpqL21JVnUvOWRiRXJJNG1zWXhzWHFTbGpSYWQ3WFU4WGNZN0NidjE0amljQVhtUXFsaWxoNGp6R0lQNjVZR3N1WEdVb1M3bUk5bWkxZVdVRmYzR2poOW1JS3UxOUg5TWtkWFBwOHFDUWc4VlgwS25PVHNMOHB4clNuMDUzWGZlaEZPfA&cppv=2
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
490646
content-length
0
expires
0
prebid
id5-sync.com/api/config/
135 B
550 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
1997452496d7eea9fc1ca0c935788f469dfb4a99d494b17af0f0d88792ec3a27
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/
108 B
688 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=iowij76&fmt=json
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
0ffa54315d2b04ea0d18c835aadaa9bdc8721782c4e62c6c33ab3221745612e8

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:34 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Thu, 05 Jan 2023 20:17:34 GMT
f
fid.agkn.com/
130 B
668 B
XHR
General
Full URL
https://fid.agkn.com/f?apiKey=2215608639&r=https%3A%2F%2Fmail.notateslaapp.com%2F&r=https%3A%2F%2Fwww.notateslaapp.com%2F
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.139.122 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-139-122.us-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
4ec55cf8e82a0128ed039b4ec981c7e962dac55cd41e1728d844d406fcb7bb38

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:35 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
130
expires
0
envelope
api.rlcdn.com/api/identity/
0
282 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=111
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:35 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
event
prebid-a.rubiconproject.com/
0
125 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 20:17:35 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame CD34
221 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Dec 2022 20:39:09 GMT
age
430706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Dec 2023 20:39:09 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame CD34
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Dec 2022 20:39:09 GMT
age
430706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Dec 2023 20:39:09 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame CD34
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Dec 2022 20:39:09 GMT
age
430706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Dec 2023 20:39:09 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame CD34
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Dec 2022 20:39:09 GMT
age
430706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Dec 2023 20:39:09 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame CD34
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Dec 2022 20:39:09 GMT
age
430706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Dec 2023 20:39:09 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD34
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 20:39:09 GMT
x-content-type-options
nosniff
server
cafe
age
85106
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:39:09 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD34
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202210130953/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 20:39:09 GMT
x-content-type-options
nosniff
server
cafe
age
85106
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:39:09 GMT
truncated
/ Frame CD34
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9979221eec47d0b70c673f5275778141179378f9dc54c317b74d4a32a042638d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
14828492229214819266
tpc.googlesyndication.com/simgad/ Frame CD34
46 KB
46 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14828492229214819266?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qntK6diN12SXYqD1N1Z_zlXziQvPw
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 06:21:00 GMT
x-content-type-options
nosniff
age
395795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46612
x-xss-protection
0
last-modified
Wed, 17 Nov 2021 09:20:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 02 Dec 2023 06:21:00 GMT
l
www.google.com/ads/measurement/ Frame CD34
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSjgmaTr7t-fRHJVB2r6CwEj9tlcso4iOPNOiZSCVOsTM-N7LPs-qnKXllErEGqrLa9URWWkuc4IhnhviqjRKBx_K1x4w
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame CD34
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcNZoXaOPY-L2MeCoqMwPobeMkA_W8uLGbfT5tdiPEdrZHhABIKivqhVgyYaAgNyjxBCgAZyv-6gCyAEC4AIAqAMByAMIqgSBAk_QnnKHS2mI-_SIlIODEVCQ38oYDa33EJ1qLEGRVkDFtUdIDqiXFXGO_e9cc9eCdM52lpOAR_IhC2d2QgHvrMd8x3OnZrXJ-hXtTnE6iUnTKd-3z-hYu77ri3uZVzLtP6vIJmXz09218ns1teESNqqjJQJYGa0P7DtHiVhWjFBp0Tevx1LqUZ10hs0IzRTiuVV3VB7sHTNBNmwBRuRyfp1t9o_lFSH8fvXgFYsCmMDr0FNSNr-HZkNbA0vzmbpKFbuYSDVmGMUAgF1ChHACj4xAVhl8ZIZDFxuSp25HhPDrXEleG9LYHCxKVmmcHTiQ4R8_p5JQK_NT6JpPsgFKp8T4wASX0-DgnwTgBAGSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCrkUHSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTI0ODMxOTkzMDk5NTCACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItODUwMTY3NDQzMDkwOTA4MhjA4BA&sigh=Rs9VaFSjPPg&uach_m=[UACH]&cid=CAQSPADq26N9Xvvgcg4ISVjrbLkB2UF3NcOW6OPAiP3VuRE_nk6l1A3YzjWNpbFd89NgoWOXUPtZi0ux9aO0_BgBIBM
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

auction
prebid-server.rubiconproject.com/openrtb2/
278 B
470 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
91e96c9a4a33660bc34f7720d20255c237192f1d299e873cd17619e15001a98b

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:35 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
232
expires
0
bid-request
a.teads.tv/hb/
16 B
393 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:35 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 06 Dec 2022 20:17:35 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
513 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185763&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22386b017f4d309b75%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%3F%23PD%3Adesktop%23HVP%3A0%23Source%3Adirect%23Browser%3AChrome%23Topic%3AAuto%23Topic%3ATech%23MCMP%3Aiabc_1%23Sens%3Aalc%23Sens%3Aast%23Sens%3Acbd%23Sens%3Aconl%23Sens%3Acosm%23Sens%3Adat%23Sens%3Adlu%23Sens%3Adrg%23Sens%3Agamc%23Sens%3Agamv%23Sens%3Agrq%23Sens%3Apol%23Sens%3Arel%23Sens%3Asst%23Sens%3Assr%23Sens%3Asrh%23Sens%3Aske%23Sens%3Atob%23Sens%3Awtl%23vp%3A0%23AFOI_2020%3ATrue%23CNST_2021%3ATrue%23DDIG_21%3ATrue%23DEOI_2021%3ATrue%23DSVR_2021%3ATrue%23EXHFCE_2021%3ATrue%23FBSL_2022%3ATrue%23GCREF%3ATrue%23GLDM_2021%3ATrue%23HRSHW_2022%3ATrue%23MSFTA_2022%3ATrue%23NSTLE_22%3ATrue%23SF_RN_122019%3ATrue%23TGNAF_21%3ATrue%23TRGT_022020%3ATrue%23TYTA_22%3ATrue%23VITFM_21%3ATrue%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A6%2C%22msi%22%3A6%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fmail.notateslaapp.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A1%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Content_3%2F6086f736fa0c1f0c8270ab14%22%2C%22adunitcode%22%3A%22AdThrive_Content_3_desktop%22%2C%22divId%22%3A%22AdThrive_Content_3_desktop%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2238732bf0cd0b48ba%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185763%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185763%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22185763%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185763%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22185763%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22185763%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185763%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22185763%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22185763%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A552%2C%22h%22%3A334%2C%22ext%22%3A%7B%22siteID%22%3A%22185763%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F18190176%2FAdThrive_Content_3%2F6086f736fa0c1f0c8270ab14%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Content_3%2F6086f736fa0c1f0c8270ab14%22%2C%22tid%22%3A%226143e7dd-ccfc-4110-802c-833ec11e605a%22%2C%22sid%22%3A%225_4%22%7D%2C%22bidfloor%22%3A0.3847%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%222d97a44f-9e26-4279-8595-c11298856b4e%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
566c4e04c98a4dda7a170a1212ea1bed5efa8b778181f0733798fcf12b62380c

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ok8I0djtnHZwicUk0VmV57URrQjH1nJ5SqQF71%2FeSStejq7vRbF6725xGYWwwh%2BS1jNyOJ05%2FCVhcFkBE4CNZXLJvK%2BkqbjNUbLDeeJwhE7r4u0nVqMgMu0%2BKcdMS%2BqTw4txLyWW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7757b4b32971b3bf-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
bid
krk.kargo.com/api/v2/
2 B
656 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2264aa31a5-eca6-4058-bd8c-7b39543aa4ad%22%2C%22requestCount%22%3A6%2C%22timeout%22%3A2800%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1670357855146%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22392211d099c09f83%22%3A%22_mfu14jCkaN%22%7D%2C%22bidSizes%22%3A%7B%22392211d099c09f83%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B336%2C280%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C300%5D%2C%5B552%2C334%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mfu14jCkaN%22%7D%2C%22auctionId%22%3A%2209a8d80d-3cf6-4298-adca-e625abc50d67%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A10%2C%22modelVersion%22%3A%22cw-cafemedia%402022-12-05-20%22%2C%22modelWeight%22%3A70%2C%22modelTimestamp%22%3A1670270400%2C%22location%22%3A%22setConfig%22%2C%22floorProvider%22%3A%22rubicon%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F18190176%2FAdThrive_Content_3%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Content_3%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22tid%22%3A%226143e7dd-ccfc-4110-802c-833ec11e605a%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Content_3%2F6086f736fa0c1f0c8270ab14%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B336%2C280%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C300%5D%2C%5B552%2C334%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22AdThrive_Content_3_desktop%22%2C%22transactionId%22%3A%226143e7dd-ccfc-4110-802c-833ec11e605a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B336%2C280%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C300%5D%2C%5B552%2C334%5D%5D%2C%22bidId%22%3A%22392211d099c09f83%22%2C%22bidderRequestId%22%3A%22391a4c182e248bde%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.09999942779541016%5D%2C%22userId.mod.init%22%3A%5B0.6999998092651367%2C1.6000003814697266%2C0.20000076293945312%2C0%2C3.6999998092651367%2C0.09999942779541016%2C0.8000001907348633%5D%2C%22userId.mods.connectId.init%22%3A%5B0.6999998092651367%5D%2C%22userId.mods.criteo.init%22%3A%5B1.6000003814697266%5D%2C%22userId.mods.id5Id.init%22%3A%5B0.20000076293945312%5D%2C%22userId.mods.identityLink.init%22%3A%5B0%5D%2C%22userId.mods.sharedId.init%22%3A%5B3.6999998092651367%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999942779541016%5D%2C%22userId.mods.fabrickId.init%22%3A%5B0.8000001907348633%5D%2C%22userId.init.modules%22%3A%5B9.5%5D%2C%22userId.callbacks.pending%22%3A%5B6269.800000190735%5D%2C%22userId.mod.callback%22%3A%5B86.89999961853027%5D%2C%22userId.mods.sharedId.callback%22%3A%5B86.89999961853027%5D%2C%22requestBids.usp%22%3A0.10000038146972656%2C%22requestBids.priceFloors%22%3A4.699999809265137%2C%22requestBids.userId%22%3A0.8000001907348633%2C%22requestBids.validate%22%3A2.1000003814697266%2C%22requestBids.makeRequests%22%3A14.5%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%222d97a44f-9e26-4279-8595-c11298856b4e%22%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-108-184.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:35 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
18 B
318 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.18.0&cb=51631194027&lsavail=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/
19 B
741 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.notateslaapp.com%2F&tmax=2800&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.146.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-146-96.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:35 GMT
accept-ch
sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
cafemedia-d.openx.net/w/1.0/
190 B
199 B
XHR
General
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.notateslaapp.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6143e7dd-ccfc-4110-802c-833ec11e605a&nocache=1670357855200&scsm=cafemedia.com%2F6%3A1&us_privacy=1---&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C2d97a44f-9e26-4279-8595-c11298856b4e%2C%2C&aus=300x250%2C320x50%2C336x280%2C300x50%2C320x100%2C468x60%2C250x250%2C1x1%2C300x300%2C552x334&divids=AdThrive_Content_3_desktop&aucs=%252F18190176%252FAdThrive_Content_3%252F6086f736fa0c1f0c8270ab14&auid=538699866&tps=c2Vucz1hbGMsYXN0LGNiZCxjb25sLGNvc20sZGF0LGRsdSxkcmcsZ2FtYyxnYW12LGdycSxwb2wscmVsLHNzdCxzc3Isc3JoLHNrZSx0b2Isd3RsJmJ1Y2tldD1iZXRhMTpvdnJkJmhpX2F1PQ%3D%3D&aumfs=370
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9114affd6fd3a142b6305f368e4fe63b8bc7fc980f421e6b1916523588c0e26c

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
283 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a9694d00177771bcae220463a710058&cmd=bid&sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
04a298d28880bc4516f2b3ef8116b41828d8ccfe778863c20f82a27e6ad0b0e1

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:35 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/
0
63 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
752 B
810 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881402&size_id=15&alt_size_ids=1%2C14%2C16%2C43%2C44%2C48%2C117%2C221&us_privacy=1---&rp_schain=1.0,1!cafemedia.com,6086f736fa0c1f0c8270ab14,1,2d97a44f-9e26-4279-8595-c11298856b4e,,&eid_pubcid.org=996b3fe4-cfc2-4673-b5fd-f5099e120d17%5E1&rf=https%3A%2F%2Fwww.notateslaapp.com%2F&tg_i.iab=1&tg_i.site_code=AFOI_2020%2CCNST_2021%2CDDIG_21%2CDEOI_2021%2CDSVR_2021%2CEXHFCE_2021%2CFBSL_2022%2CGCREF%2CGLDM_2021%2CHRSHW_2022%2CMSFTA_2022%2CNSTLE_22%2CSF_RN_122019%2CTGNAF_21%2CTRGT_022020%2CTYTA_22%2CVITFM_21&tg_i.site_id=6086f736fa0c1f0c8270ab14&tg_i.sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&tg_i.verticals=Auto%2CTech&tg_i.pmp_elig=true&tg_i.mcmp=iabc_1&tg_i.refresh=false&tg_i.vp=0&tg_i.pbadslot=%2F18190176%2FAdThrive_Content_3%2F6086f736fa0c1f0c8270ab14&tk_flint=pbjs_lite_v7.18.0&x_source.tid=6143e7dd-ccfc-4110-802c-833ec11e605a&l_pb_bid_id=4048ba29b383379c&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.37&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Content_3%2F6086f736fa0c1f0c8270ab14&slots=1&rand=0.4454102332677623
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6222e776c65a28ac9a76ae249b606d68f8ebd9208770096d6a96424940779b56

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
752
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
97 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
19793f437b7f46c152b6a93410a36862b31ee37fb227ac1f3c550df7b0b78aef

Request headers

Referer
https://mail.notateslaapp.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:35 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/
140 B
991 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5208049b95006ae7341b880ce9c336675b0e6c6f8f819b12b6713a26f290abab
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:35 GMT
AN-X-Request-Uuid
0df70e58-31e1-4aa8-9f25-b24a9aa13f37
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/
570 B
919 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
6e9a84878126cc4ab35940902c40584d48c819b3e097cdf8add764600bc07fa3

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 20:17:35 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
373
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:35 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
831 B
1023 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
052c9f85a31270fda1d91498bc43786bbf7f4727745df2832543a3e111d75b80

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 20:17:35 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
477
cafemedia
direct.adsrvr.org/bid/bidder/
0
405 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:34 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/
2 B
248 B
XHR
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.123 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:35 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
event
prebid-a.rubiconproject.com/
0
125 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 20:17:35 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ecm3
s.amazon-adsystem.com/ Frame D5E6
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LBCNXQNN-11-M5LE
  • https://s.amazon-adsystem.com/ecm3?id=LBCNXQNN-11-M5LE&ex=d-rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LBCNXQNN-11-M5LE&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QNMS57AAS4TTYKQJA14P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LBCNXQNN-11-M5LE&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
event
prebid-a.rubiconproject.com/
0
125 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 20:17:35 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.notateslaapp.com%2F&domain=mail.notateslaapp.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 06 Dec 2022 20:17:35 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
418783
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 06 Dec 2022 20:17:35 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:35 GMT
server
ATS/9.1.10.25
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 06 Dec 2022 20:17:35 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 06 Dec 2022 20:17:35 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9515
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 20:39:09 GMT
x-content-type-options
nosniff
server
cafe
age
85106
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:39:09 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9515
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 20:39:09 GMT
x-content-type-options
nosniff
server
cafe
age
85106
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:39:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4B01
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVFSM97JvTSEDOfnfizB0tFb_OjYVfpiMtfhPS6v2ZoEnMTZEF7rJDGX6HCKGuv9s6rK9RckGZTZL8TgcUgsLMZfAs6tPBdiLu0ulGn2w3nqWzqQ3Nhjoa07tiTQD4qkjnyWdh09kdIA2F8NfbC1pzqhJ22dEZ18PRGcFe_MeJ7ZCegHWU0jbwtj9n5dF-2kog7PhclNGl09V76CDO-H0vV0pNiAjVCPSReE5NulDeFVRR5rwkUVPUJp2yyQ_cVTo8AnY8qjmxE5mqc18gKgw-YUUG5Oq2piNTngMoNwo5yYosaWbQu_7i3SV3l5ML4e9pI1QmkzWdG1kwVaIaeiBTJBP21IGZrUwn1B5YrvyfZXv323lx&sai=AMfl-YQ4YZw3runtXBYowYcwNZIpRmUR06FWmPPPiQnZzUKrEDTCHuzxoNm2i6f1MoT57SuU0CAzr-DeWTu3GR6WXBI8_3QsZwAPH09wi64rE0EqzMRiErddNdSG5LSUJnS-3ETitc7VVMH5DJFLSUuvED4&sig=Cg0ArKJSzMh9wbkFCx28EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:17:35 GMT
event
prebid-a.rubiconproject.com/
0
125 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 20:17:35 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 06 Dec 2022 20:17:35 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/
0
125 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 20:17:35 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 06 Dec 2022 20:17:35 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pixel
cm.g.doubleclick.net/ Frame D5E6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJDTlhRTk4tMTEtTTVMRQ==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJDTlhRTk4tMTEtTTVMRQ==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJDTlhRTk4tMTEtTTVMRQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame D5E6
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S1ED2A1CKYWRVE17QKC3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D5E6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=&expires=30
42 B
701 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
ecm3
s.amazon-adsystem.com/ Frame D5E6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=S6-SaocuQNSRgWa_-OCKog&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=S6-SaocuQNSRgWa_-OCKog
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=S6-SaocuQNSRgWa_-OCKog
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z2KGTS50NRRG0BAP9VHW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=S6-SaocuQNSRgWa_-OCKog
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame D5E6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBCNXQNN-11-M5LE
0
141 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBCNXQNN-11-M5LE
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:36 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 511DD88A8D464E2494B022CE80A1691E Ref B: MIAEDGE1419 Ref C: 2022-12-06T20:17:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvLn6xGeq+J8GyK6iogA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBCNXQNN-11-M5LE
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D5E6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzlkNDVjNmZmZWU3MTRiOGJkZjE4YWZiMGExMjA5YTI2ZGRjNjc3OA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzlkNDVjNmZmZWU3MTRiOGJkZjE4YWZiMGExMjA5YTI2ZGRjNjc3OA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzlkNDVjNmZmZWU3MTRiOGJkZjE4YWZiMGExMjA5YTI2ZGRjNjc3OA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D5E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBWMSQu1jUvXYy0lofKc51Q&google_cver=1
42 B
701 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBWMSQu1jUvXYy0lofKc51Q&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBWMSQu1jUvXYy0lofKc51Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D5E6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/pgQohhlk1ZFYVcLC99GzJMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Awges7lE2oLBs9VSSXVDvTEiagcX5QjANxGOdQ--~A
42 B
701 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Awges7lE2oLBs9VSSXVDvTEiagcX5QjANxGOdQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 06 Dec 2022 20:17:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Awges7lE2oLBs9VSSXVDvTEiagcX5QjANxGOdQ--~A
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame A669
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6CoXsjnDZ2NfyF3K61j-g2nOVRKnrhXSII82SStI9wC1r3_eQ7PK1BFOOkBXc-76jGECx3VPv34sLQOVVQKbvOpTivo1bzFFymfFukAqTHaxqJTMpkTns46roEa19uenvzwwX8URgR8aMS5Oh1aw5xGC0JvlYJuN65RBgO7gwxNc3XYd1AkQSvpAxz1B_KdtGXIli5S8LZgpo0W-bUkJDjzco9Gr2LsPNTuczEqNjiMWJXZXD2B4NxcoFbYiS5O2rjLS3Kuz_q7XLd82D_-wo9swMSxU593BP-VAM7w_TRV5NwYCvkqTD3wJg3IR_LQBkKOWD83uYtbZyDVgp-tRgvEgRAYZLZd9scGJq58uRWhbvKWCI&sai=AMfl-YRssz_m5vbkC_E2x-bFCHnZFrvpx8COO2noe7hwJ804sLWnEKGEE1cW0sukef6s65q7ZygjK5lu-NyGt2iAE5gdPh1rGJGg87rBguavBYCjwKQfF4WHZmi0uCxCaq0EjwfA8JA3emECWTOmBLV223M&sig=Cg0ArKJSzJymt1w5RlnSEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:17:35 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4001
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Server
2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Redirect headers

date
Tue, 06 Dec 2022 20:17:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4001
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 20:39:09 GMT
x-content-type-options
nosniff
server
cafe
age
85106
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:39:09 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4001
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 20:39:09 GMT
x-content-type-options
nosniff
server
cafe
age
85106
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:39:09 GMT
v1
lb.eu-1-id5-sync.com/lb/
33 B
408 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
72fa64c36ef0a408d1dec7be4cbba69a47d1ea84c0f0f1183f68147f2c9aaaf7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
auction
prebid-server.rubiconproject.com/openrtb2/
368 B
526 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
2f6098ed38a8b32237d8136b5c58a475c9a8c3fe76913f1c32fe8f466106e419

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:38 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
288
expires
0
bid-request
a.teads.tv/hb/
16 B
393 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:36 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 06 Dec 2022 20:17:36 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
504 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=404600&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2243566c025d83d6e1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%3F%23PD%3Adesktop%23HVP%3A60%23Source%3Adirect%23Browser%3AChrome%23Topic%3AAuto%23Topic%3ATech%23MCMP%3Aiabc_1%23Sens%3Aalc%23Sens%3Aast%23Sens%3Acbd%23Sens%3Aconl%23Sens%3Acosm%23Sens%3Adat%23Sens%3Adlu%23Sens%3Adrg%23Sens%3Agamc%23Sens%3Agamv%23Sens%3Agrq%23Sens%3Apol%23Sens%3Arel%23Sens%3Asst%23Sens%3Assr%23Sens%3Asrh%23Sens%3Aske%23Sens%3Atob%23Sens%3Awtl%23vp%3A0%23AFOI_2020%3ATrue%23CNST_2021%3ATrue%23DDIG_21%3ATrue%23DEOI_2021%3ATrue%23DSVR_2021%3ATrue%23EXHFCE_2021%3ATrue%23FBSL_2022%3ATrue%23GCREF%3ATrue%23GLDM_2021%3ATrue%23HRSHW_2022%3ATrue%23MSFTA_2022%3ATrue%23NSTLE_22%3ATrue%23SF_RN_122019%3ATrue%23TGNAF_21%3ATrue%23TRGT_022020%3ATrue%23TYTA_22%3ATrue%23VITFM_21%3ATrue%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A6%2C%22msi%22%3A6%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fmail.notateslaapp.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A1%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Content_4%2F6086f736fa0c1f0c8270ab14%22%2C%22adunitcode%22%3A%22AdThrive_Content_4_desktop%22%2C%22divId%22%3A%22AdThrive_Content_4_desktop%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2243622ab6043f7008%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22404600%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185764%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22404600%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185764%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22404600%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22185764%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22404600%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185764%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22404600%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22404600%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22404600%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22404600%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22404600%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A552%2C%22h%22%3A334%2C%22ext%22%3A%7B%22siteID%22%3A%22404600%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F18190176%2FAdThrive_Content_4%2F6086f736fa0c1f0c8270ab14%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Content_4%2F6086f736fa0c1f0c8270ab14%22%2C%22tid%22%3A%22027ea6ce-c0d3-41d5-9a20-c7d8e712cb82%22%2C%22sid%22%3A%226_4%22%7D%2C%22bidfloor%22%3A0.603%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%22f8ac33f9-162a-4aa6-85cf-fe6c1befb563%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f098f180db08d59ee2029f821403108c082447af23564ebf07aeec1d2ed4c59a

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpSamFj0YcFKkpYWvB8UJW1xk0zrotmJFtASvj6FpqPoEc5dI2CIZ4LJEmpu3eMmvWCndDeQMVRTJKa8kx6BKctdsYuOmMY5b9qNBDghBriAWj9bbjU3E5vSc1ebeWLBKEp2yJMU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7757b4b8a833b3bf-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
bid
krk.kargo.com/api/v2/
2 B
656 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2264aa31a5-eca6-4058-bd8c-7b39543aa4ad%22%2C%22requestCount%22%3A7%2C%22timeout%22%3A2800%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1670357856088%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22445854e82e5d3bb6%22%3A%22_mfu14jCkaN%22%7D%2C%22bidSizes%22%3A%7B%22445854e82e5d3bb6%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B336%2C280%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C300%5D%2C%5B552%2C334%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mfu14jCkaN%22%7D%2C%22auctionId%22%3A%223ed4e24a-bd79-4180-aaa0-827c56637dd3%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A10%2C%22modelVersion%22%3A%22mlcp-3p0-cafemedia%402022-12-05-20%22%2C%22modelWeight%22%3A5%2C%22modelTimestamp%22%3A1670270400%2C%22location%22%3A%22setConfig%22%2C%22floorProvider%22%3A%22rubicon%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22pos%22%3A%22atf%22%2C%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F18190176%2FAdThrive_Content_4%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Content_4%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22tid%22%3A%22027ea6ce-c0d3-41d5-9a20-c7d8e712cb82%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Content_4%2F6086f736fa0c1f0c8270ab14%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B336%2C280%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C300%5D%2C%5B552%2C334%5D%5D%2C%22pos%22%3A1%7D%7D%2C%22adUnitCode%22%3A%22AdThrive_Content_4_desktop%22%2C%22transactionId%22%3A%22027ea6ce-c0d3-41d5-9a20-c7d8e712cb82%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B336%2C280%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%2C%5B300%2C300%5D%2C%5B552%2C334%5D%5D%2C%22bidId%22%3A%22445854e82e5d3bb6%22%2C%22bidderRequestId%22%3A%22444dd6e679ee0d5%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.09999942779541016%5D%2C%22userId.mod.init%22%3A%5B0.6999998092651367%2C1.6000003814697266%2C0.20000076293945312%2C0%2C3.6999998092651367%2C0.09999942779541016%2C0.8000001907348633%5D%2C%22userId.mods.connectId.init%22%3A%5B0.6999998092651367%5D%2C%22userId.mods.criteo.init%22%3A%5B1.6000003814697266%5D%2C%22userId.mods.id5Id.init%22%3A%5B0.20000076293945312%5D%2C%22userId.mods.identityLink.init%22%3A%5B0%5D%2C%22userId.mods.sharedId.init%22%3A%5B3.6999998092651367%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999942779541016%5D%2C%22userId.mods.fabrickId.init%22%3A%5B0.8000001907348633%5D%2C%22userId.init.modules%22%3A%5B9.5%5D%2C%22userId.callbacks.pending%22%3A%5B6269.800000190735%5D%2C%22userId.mod.callback%22%3A%5B86.89999961853027%2C971.8999996185303%2C877.6999998092651%2C1052.6999998092651%5D%2C%22userId.mods.sharedId.callback%22%3A%5B86.89999961853027%5D%2C%22userId.mods.identityLink.callback%22%3A%5B971.8999996185303%5D%2C%22userId.mods.fabrickId.callback%22%3A%5B877.6999998092651%5D%2C%22userId.mods.unifiedId.callback%22%3A%5B1052.6999998092651%5D%2C%22requestBids.usp%22%3A0.10000038146972656%2C%22requestBids.priceFloors%22%3A1.4000005722045898%2C%22requestBids.userId%22%3A0.5999994277954102%2C%22requestBids.validate%22%3A10.5%2C%22requestBids.makeRequests%22%3A8.699999809265137%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%22f8ac33f9-162a-4aa6-85cf-fe6c1befb563%22%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-108-184.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:36 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
18 B
318 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.18.0&cb=14154123522&lsavail=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/
19 B
741 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.notateslaapp.com%2F&tmax=2800&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.146.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-146-96.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:36 GMT
accept-ch
sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
cafemedia-d.openx.net/w/1.0/
190 B
199 B
XHR
General
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.notateslaapp.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=027ea6ce-c0d3-41d5-9a20-c7d8e712cb82&nocache=1670357856118&scsm=cafemedia.com%2F6%3A1&us_privacy=1---&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2Cf8ac33f9-162a-4aa6-85cf-fe6c1befb563%2C%2C&aus=300x250%2C320x50%2C336x280%2C300x50%2C320x100%2C468x60%2C250x250%2C1x1%2C300x300%2C552x334&divids=AdThrive_Content_4_desktop&aucs=%252F18190176%252FAdThrive_Content_4%252F6086f736fa0c1f0c8270ab14&auid=538699867&tps=c2Vucz1hbGMsYXN0LGNiZCxjb25sLGNvc20sZGF0LGRsdSxkcmcsZ2FtYyxnYW12LGdycSxwb2wscmVsLHNzdCxzc3Isc3JoLHNrZSx0b2Isd3RsJmJ1Y2tldD1iZXRhMTpvdnJkJmhpX2F1PQ%3D%3D&aumfs=580
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
bca908071ba629f3bccb9c09c55e524561113fe41be5be8a274c489e4bcd6285

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
63 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
764 B
822 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881404&size_id=15&alt_size_ids=1%2C14%2C16%2C43%2C44%2C48%2C117%2C221&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!cafemedia.com,6086f736fa0c1f0c8270ab14,1,f8ac33f9-162a-4aa6-85cf-fe6c1befb563,,&eid_pubcid.org=996b3fe4-cfc2-4673-b5fd-f5099e120d17%5E1&rf=https%3A%2F%2Fwww.notateslaapp.com%2F&tg_i.iab=1&tg_i.site_code=AFOI_2020%2CCNST_2021%2CDDIG_21%2CDEOI_2021%2CDSVR_2021%2CEXHFCE_2021%2CFBSL_2022%2CGCREF%2CGLDM_2021%2CHRSHW_2022%2CMSFTA_2022%2CNSTLE_22%2CSF_RN_122019%2CTGNAF_21%2CTRGT_022020%2CTYTA_22%2CVITFM_21&tg_i.site_id=6086f736fa0c1f0c8270ab14&tg_i.sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&tg_i.verticals=Auto%2CTech&tg_i.pmp_elig=true&tg_i.mcmp=iabc_1&tg_i.refresh=false&tg_i.vp=0&tg_i.pos=atf&tg_i.pbadslot=%2F18190176%2FAdThrive_Content_4%2F6086f736fa0c1f0c8270ab14&tk_flint=pbjs_lite_v7.18.0&x_source.tid=027ea6ce-c0d3-41d5-9a20-c7d8e712cb82&l_pb_bid_id=45524127b1219078&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.58&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Content_4%2F6086f736fa0c1f0c8270ab14&slots=1&rand=0.8272339487048794
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7476ed66b92beb7ba971c5f81a2b5ddd8941b2251acbf69926fe3e21c9765791

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
764
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
140 B
991 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
25c63e8a39aa7cb92376296daea574876c8eb7c48755d2759d69376482e56c8a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:36 GMT
AN-X-Request-Uuid
9e62cfac-d152-4699-bb3b-a94a83a8eb6e
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:36 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:36 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:36 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
cafemedia
direct.adsrvr.org/bid/bidder/
0
405 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:35 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/
2 B
248 B
XHR
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.123 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:36 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mail.notateslaapp.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
29 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1113482156589776&correlator=2248685174221043&eid=31070873%2C31071149&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=18190176%3A22569774571%2CAdThrive_Content_3%2C6086f736fa0c1f0c8270ab14&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C320x50%7C336x280%7C300x50%7C320x100%7C468x60%7C250x250%7C1x1%7C300x300%7C552x334&fluid=height&ifi=7&adks=2301462890&didk=1178037044&sfv=1-0-40&fsbs=1&prev_scp=location%3DContent%26sequence%3D3%26id%3DAdThrive_Content_3_desktop%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26inf_scroll%3D1%26amznbid%3Dlhm9s0%26amznp%3D16d9pts%26amzniid%3DJMS_M_gltwboNF4A3RsGqe0AAAGE6RYWlQEAAAJYAQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICDtvkkS%26amznsz%3D300x250%26flag_slot%3Dfv%253A0%2Chbf%253A0&eri=5&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A466%252Cpmp_elig%253A1%252Cclson%253Afalse%252CclsBranch%253A%252CclsBucket%253A%252Clmdv%253A1.13.0%252Cidp%253Ash%252Crf%253A0%26siteId%3D6086f736fa0c1f0c8270ab14%26organizationId%3D6233884d998a8b7088d720e4%26siteName%3DTesla%2520Software%2520Updates%26verticals%3DAuto%252CTech%26abgroup%3Dwvtls%253Aon%252Ctpcapi%253Aon%252Camzn_hold_load%253Aoff%252Cflr%253Arubi%252Cflrdt%253Anone%252Cclsins_ss%253Atrue%252Cebho%253Ayieldmo_ebda%252Cloglevel%253Aoff%252Cidho%253Aoff%252Clzhb%253Aon%252Clzcvp%253A2%252Clzbpvp%253A0.75%252Ctripleliftdr%253Aboth%252Cmagnitedr%253Aclient%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_grid%253Aon%252Cpbs2s_gumgum%253Aoff%252Cpbs2s_openx%253Aoff%252Cadt%253A0%252Cito_ds%253A2800%252C3pho%253Anone%252Cvebho%253Amedianet_ebda%252Ccbt%253A0s%252Cvast_to%253A10s%252Cproto%253Aall%252Cpbm%253Aon%252CreqTo%253A10%252Cvadv%253Aon%252Csmhd100%253Aoff%252Csmad300%253Aon%252Cdcsll%253Aoff%252Cjwb%253Aon%252Cs2sbuff%253A300%252Ccoldr%253Aboth%252Crmos1%253Aoff%252Csocon%253A0%252Cdco%253Arelaxed%252Cmxrpog%253A5%252Cdajto%253Aoff%252Cvpred_1%253A90%252Ccrtvmon%253Aoff%252Cpba%253Anone%252Camzn_hold_disp%253Aoff%252Cbmetrics%253Aon%252Cconfiant%253Aprod%252Ccnfep%253Aon%252Crefvidflr%253A1%252Csocbe%253Asovpct2%252Clogcls%253Aoff%252Crebuildslot%253Aon%252Cupl%253Aoff%252Csekho%253Aoff%252Csospp%253Aon%252Crmosnv1%253Aoff%26bucket%3Dbeta1%253Aovrd%26sens%3Dalc%252Cast%252Ccbd%252Cconl%252Ccosm%252Cdat%252Cdlu%252Cdrg%252Cgamc%252Cgamv%252Cgrq%252Cpol%252Crel%252Csst%252Cssr%252Csrh%252Cske%252Ctob%252Cwtl%26domain%3Dmail.notateslaapp.com%26plugin%3Dadthrive-ads-1.0.43-manual%26hi_au%3Dod%252Com%26vpwxvph%3D1600x1200%26ri%3D38%26pvk%3D01GKMHC4ACP2NW24G3NES42JG8%26sess%3D01GKMHC4AC8WZPTG7R81MC0H70%26branch%3Db1d93de%26deployment%3Dade-454%253Apr2851%253Abeta1%253Ab1d93de%253Aexp%26hbho%3Dconversant%252Cnativo%26vbho%3Dtelaria%26gptv%3D2022120101%26connection%3Dniet%253A4g%252Cdl%253A9.9%26fpv%3D1%26mcmp%3Diabc_1%26site_code%3DAFOI_2020%252CCNST_2021%252CDDIG_21%252CDEOI_2021%252CDSVR_2021%252CEXHFCE_2021%252CFBSL_2022%252CGCREF%252CGLDM_2021%252CHRSHW_2022%252CMSFTA_2022%252CNSTLE_22%252CSF_RN_122019%252CTGNAF_21%252CTRGT_022020%252CTYTA_22%252CVITFM_21%26marmalade%3Dtrue&sc=1&cookie=ID%3De62bfd75286d4a2b%3AT%3D1670357852%3AS%3DALNI_MbSa04HuTLtbY88nOYthFcT--Ucmw&gpic=UID%3D00000577a16016cd%3AT%3D1670357852%3ART%3D1670357852%3AS%3DALNI_Mbd4xPtJQ67_8GMrAXmZnHbaXvf7Q&abxe=1&dt=1670357856243&dlt=1670357846833&idt=1993&adxs=430&adys=4749&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.notateslaapp.com%2F&frm=20&vis=1&psz=660x7075&msz=660x250&fws=0&ohw=0&psts=AMjMPc1mjJ2mvMkpawzY4PTaCwJKkPvjbHbPz3rZTKLnfAiLGNtVeFLrcnlhoqpdpwjKJW4PkDbft7NgKwaJbo-UczwWYS0U7aCbmQ%2CAMjMPc0ejTN65aBuLIOuiXOjG3gy6i82jUGYxYarG_YFVH4VNOmmACxGijThxBqFTT74alCKYjv9QnQAyAs4vAvdPV8-jT8WthuZtQ%2CAMjMPc1Tp5EryoFxCaJBS4deUs4WaxITftYRGcsdqhNRjBwsfw_Y-q3FpIaayMrKpY1J9FWNyg58hnUHrUt4D7H95EAFXFXUhk_Kdw&ga_vid=355545597.1670357848&ga_sid=1670357851&ga_hid=1721253892&ga_fc=true&cbidsp=CuwDCAESEQoIdHJpcGxfc3MQlAggAjgCEg0KBGdyaWQQlAggAjgCEhMKCmJyaWdodHJvbGwQlwggAjgCEhAKB3B1Ym1fc3MQmwggAjgCEhAKB3lpZWxkbW8QnQggAjgCEhEKCDMzYWNyb3NzEJ8IIAI4AhIPCgZ1bnJ1bHkQowggAjgCEg8KBmNvbF9zcxCjCCACOAISDAoFdGVhZHMQkAYgAhIJCgJpeBCPBiACEgkKAml4EI8GIAISCQoCaXgQjwYgAhIJCgJpeBCQBiACEgwKBWthcmdvEIsGIAISDQoGY3JpdGVvEIMGIAISEQoKdHJpcGxlbGlmdBCVBiACEgwKBW9wZW54EKMGIAISDgoHdmVyaXpvbhCtBiACEg8KCHB1Ym1hdGljENIGIAISDgoHcnViaWNvbhCEBCACEg8KCHlhaG9vc3NwEMQDIAISDwoIYXBwbmV4dXMQyAYgAhITCgxzaGFyZXRocm91Z2gQpAcgAhITCgxzaGFyZXRocm91Z2gQpAcgAhITCgxzaGFyZXRocm91Z2gQpAcgAhIKCgN0dGQQoQcgAhIPCghjb2xvc3N1cxChByACGAIiJDYxNDNlN2RkLWNjZmMtNDExMC04MDJjLTgzM2VjMTFlNjA1YSoECAMgAEoAQMQT
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1627605b7f342fd2db444aa3a64e98e47ddfebf2e21e3d42ede13853029e5491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12810
x-xss-protection
0
google-lineitem-id
5139771563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234767358
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame EF60
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=bf73b27f-b0e3-4b52-be1d-6c53fcb39798&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=20b9b72d-4be5-428b-b562-110fee7c8206&ttd_puid=bf73b27f-b0e3-4b52-be1d-6c53fcb39798
95 B
759 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=20b9b72d-4be5-428b-b562-110fee7c8206&ttd_puid=bf73b27f-b0e3-4b52-be1d-6c53fcb39798
Requested by
Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fmail.notateslaapp.com%2F&owner=P%26G&bp_id=cafemedia&initiator=js
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pandg.tapad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:36 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=20b9b72d-4be5-428b-b562-110fee7c8206&ttd_puid=bf73b27f-b0e3-4b52-be1d-6c53fcb39798
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
347
receive
pixel.tapad.com/idsync/ex/ Frame EF60
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=10072&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3D2040%26partner_device_id%3D%5BMM_UUID%5D&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2040&partner_device_id=d460638f-a35f-4400-9851-98d66543df75&gdpr=&gdpr_consent=
95 B
424 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2040&partner_device_id=d460638f-a35f-4400-9851-98d66543df75&gdpr=&gdpr_consent=
Requested by
Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fmail.notateslaapp.com%2F&owner=P%26G&bp_id=cafemedia&initiator=js
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pandg.tapad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Date
Tue, 06 Dec 2022 20:17:36 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x18 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=2040&partner_device_id=d460638f-a35f-4400-9851-98d66543df75&gdpr=&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 06 Dec 2022 20:17:35 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ED5C
42 B
497 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5K6hPfx_b9AELeVXWJzN7y4A30heuklY00w1MNhrQsvcIxj7tcjOX3ZG9NCD7UU2Am-pS5KqpgN8Jd3c3z1CVIt7RGmFt08hMZIKfUw5Re1hJsM_Z&sig=Cg0ArKJSzFnJqTJBxCt-EAE&id=lidar2&mcvt=1648&p=1155,800,1156,801&mtos=1648,1648,1648,1648,1648&tos=1648,0,0,0,0&v=20221205&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2228329560&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670357852385&rpt=2225&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
29 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1113482156589776&correlator=2621823778650491&eid=31070873%2C31071149&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=18190176%3A22569774571%2CAdThrive_Content_2%2C6086f736fa0c1f0c8270ab14&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C320x50%7C336x280%7C300x50%7C320x100%7C468x60%7C250x250%7C1x1%7C300x300%7C552x334&fluid=height&ifi=8&adks=1290911891&didk=1429691398&sfv=1-0-40&fsbs=1&prev_scp=location%3DContent%26sequence%3D2%26id%3DAdThrive_Content_2_desktop%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26inf_scroll%3D1%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dfv%253A0%2Chbf%253A0&eri=5&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A466%252Cpmp_elig%253A1%252Cclson%253Afalse%252CclsBranch%253A%252CclsBucket%253A%252Clmdv%253A1.13.0%252Cidp%253Ash%252Crf%253A0%26siteId%3D6086f736fa0c1f0c8270ab14%26organizationId%3D6233884d998a8b7088d720e4%26siteName%3DTesla%2520Software%2520Updates%26verticals%3DAuto%252CTech%26abgroup%3Dwvtls%253Aon%252Ctpcapi%253Aon%252Camzn_hold_load%253Aoff%252Cflr%253Arubi%252Cflrdt%253Anone%252Cclsins_ss%253Atrue%252Cebho%253Ayieldmo_ebda%252Cloglevel%253Aoff%252Cidho%253Aoff%252Clzhb%253Aon%252Clzcvp%253A2%252Clzbpvp%253A0.75%252Ctripleliftdr%253Aboth%252Cmagnitedr%253Aclient%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_grid%253Aon%252Cpbs2s_gumgum%253Aoff%252Cpbs2s_openx%253Aoff%252Cadt%253A0%252Cito_ds%253A2800%252C3pho%253Anone%252Cvebho%253Amedianet_ebda%252Ccbt%253A0s%252Cvast_to%253A10s%252Cproto%253Aall%252Cpbm%253Aon%252CreqTo%253A10%252Cvadv%253Aon%252Csmhd100%253Aoff%252Csmad300%253Aon%252Cdcsll%253Aoff%252Cjwb%253Aon%252Cs2sbuff%253A300%252Ccoldr%253Aboth%252Crmos1%253Aoff%252Csocon%253A0%252Cdco%253Arelaxed%252Cmxrpog%253A5%252Cdajto%253Aoff%252Cvpred_1%253A90%252Ccrtvmon%253Aoff%252Cpba%253Anone%252Camzn_hold_disp%253Aoff%252Cbmetrics%253Aon%252Cconfiant%253Aprod%252Ccnfep%253Aon%252Crefvidflr%253A1%252Csocbe%253Asovpct2%252Clogcls%253Aoff%252Crebuildslot%253Aon%252Cupl%253Aoff%252Csekho%253Aoff%252Csospp%253Aon%252Crmosnv1%253Aoff%26bucket%3Dbeta1%253Aovrd%26sens%3Dalc%252Cast%252Ccbd%252Cconl%252Ccosm%252Cdat%252Cdlu%252Cdrg%252Cgamc%252Cgamv%252Cgrq%252Cpol%252Crel%252Csst%252Cssr%252Csrh%252Cske%252Ctob%252Cwtl%26domain%3Dmail.notateslaapp.com%26plugin%3Dadthrive-ads-1.0.43-manual%26hi_au%3Dod%252Com%26vpwxvph%3D1600x1200%26ri%3D38%26pvk%3D01GKMHC4ACP2NW24G3NES42JG8%26sess%3D01GKMHC4AC8WZPTG7R81MC0H70%26branch%3Db1d93de%26deployment%3Dade-454%253Apr2851%253Abeta1%253Ab1d93de%253Aexp%26hbho%3Dconversant%252Cnativo%26vbho%3Dtelaria%26gptv%3D2022120101%26connection%3Dniet%253A4g%252Cdl%253A9.9%26fpv%3D1%26mcmp%3Diabc_1%26site_code%3DAFOI_2020%252CCNST_2021%252CDDIG_21%252CDEOI_2021%252CDSVR_2021%252CEXHFCE_2021%252CFBSL_2022%252CGCREF%252CGLDM_2021%252CHRSHW_2022%252CMSFTA_2022%252CNSTLE_22%252CSF_RN_122019%252CTGNAF_21%252CTRGT_022020%252CTYTA_22%252CVITFM_21%26marmalade%3Dtrue&sc=1&cookie=ID%3De62bfd75286d4a2b%3AT%3D1670357852%3AS%3DALNI_MbSa04HuTLtbY88nOYthFcT--Ucmw&gpic=UID%3D00000577a16016cd%3AT%3D1670357852%3ART%3D1670357852%3AS%3DALNI_Mbd4xPtJQ67_8GMrAXmZnHbaXvf7Q&abxe=1&dt=1670357856638&dlt=1670357846833&idt=1993&adxs=430&adys=3241&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.notateslaapp.com%2F&frm=20&vis=1&psz=660x7075&msz=660x250&fws=0&ohw=0&psts=AMjMPc1mjJ2mvMkpawzY4PTaCwJKkPvjbHbPz3rZTKLnfAiLGNtVeFLrcnlhoqpdpwjKJW4PkDbft7NgKwaJbo-UczwWYS0U7aCbmQ%2CAMjMPc0ejTN65aBuLIOuiXOjG3gy6i82jUGYxYarG_YFVH4VNOmmACxGijThxBqFTT74alCKYjv9QnQAyAs4vAvdPV8-jT8WthuZtQ%2CAMjMPc1Tp5EryoFxCaJBS4deUs4WaxITftYRGcsdqhNRjBwsfw_Y-q3FpIaayMrKpY1J9FWNyg58hnUHrUt4D7H95EAFXFXUhk_Kdw&ga_vid=355545597.1670357848&ga_sid=1670357851&ga_hid=1721253892&ga_fc=true&cbidsp=CoEECAESEQoIdHJpcGxfc3MQ7hggAjgCEg0KBGdyaWQQ7hggAjgCEhMKCmJyaWdodHJvbGwQ7hggAjgCEhAKB3B1Ym1fc3MQ7hggAjgCEhAKB3lpZWxkbW8Q7hggAjgCEhEKCDMzYWNyb3NzEO4YIAI4AhIPCgZ1bnJ1bHkQ7hggAjgCEg8KBmNvbF9zcxDuGCACOAISDAoFdGVhZHMQ_QwgAhIJCgJpeBD8DCACEgkKAml4EPwMIAISCQoCaXgQ_AwgAhIJCgJpeBD8DCACEgwKBWthcmdvEPgMIAISDQoGY3JpdGVvEO4MIAISEQoKdHJpcGxlbGlmdBD7DCACEgwKBW9wZW54EIINIAISDgoHdmVyaXpvbhCIDSACEg8KCHB1Ym1hdGljEIkNIAISDgoHcnViaWNvbhD-DCACEg8KCHlhaG9vc3NwEPsMIAISDwoIYXBwbmV4dXMQ8gwgAhITCgxzaGFyZXRocm91Z2gQxg0gAhITCgxzaGFyZXRocm91Z2gQxg0gAhITCgxzaGFyZXRocm91Z2gQxg0gAhITCgxzaGFyZXRocm91Z2gQxg0gAhIKCgN0dGQQuw0gAhIPCghjb2xvc3N1cxC1DSACGAIiJGRkODg3ZmNiLTRiN2YtNGM4OC04ZWFmLTA1MzcwZjk5MTk0ZSoECAMgAEoAQMQT
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
702fe0aa745cb73668e86594a701e271e79f4a9bfafb472915ba400751df76b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12812
x-xss-protection
0
google-lineitem-id
5139771563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234767358
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=oozYtHxDOEJkbmFDVjA5cWlTaXZ1RXU1ZG53SWF1OTNmbzJJRENxNmY1K0VzSUdmcGYxMDRobThvRFgyRk5BSnV6Z3BUWllKNTExRHpmRmt4RXhJVmZwRGRGdS9nbDZtdmVhQzdRRTlHT3FQV0lsVit4WlNjOG1Za2wvalZNSUo2WlpqL21JVnUvOWRiRXJJNG1zWXhzWHFTbGpSYWQ3WFU4WGNZN0NidjE0amljQVhtUXFsaWxoNGp6R0lQNjVZR3N1WEdVb1M3bUk5bWkxZVdVRmYzR2poOW1JS3UxOUg5TWtkWFBwOHFDUWc4VlgwS25PVHNMOHB4clNuMDUzWGZlaEZPfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 06 Dec 2022 20:17:36 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
527361
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 4B01
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-k8pWFyeP528npf13cnM4tUjJc85g5YdlYFeSvIUMbShMK_zcxvM_i-8_MDqGgGXTpyfAcOX_0LZEUGeyTgenTfKqgWBEVYv4hbJY_onsZaLVgD_t&sig=Cg0ArKJSzAM9uGGgqSQJEAE&id=lidar2&mcvt=1247&p=510,1260,511,1261&mtos=1247,1247,1247,1247,1247&tos=1247,0,0,0,0&v=20221205&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1631033190&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670357852989&rpt=2408&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
prebid-a.rubiconproject.com/
0
125 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 20:17:37 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 06 Dec 2022 20:17:36 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
usync.js
eus.rubiconproject.com/ Frame B8EB
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
646602d51b516d8e5462483f63a38e99d9960d569f04e1b67ed84a0cb748188a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 20:17:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Dec 2022 04:10:43 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28406
Connection
keep-alive
Content-Length
10066
Expires
Wed, 07 Dec 2022 04:11:03 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CD34
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Server
2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Redirect headers

date
Tue, 06 Dec 2022 20:17:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
367.json
id5-sync.com/g/v2/
456 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/367.json
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
34e76594fcd8cad9f9ecb3e024cef6b2c29aae9af3c9184bf6a0c786e54e1713
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
14828492229214819266
tpc.googlesyndication.com/simgad/ Frame CD34
46 KB
46 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14828492229214819266?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qntK6diN12SXYqD1N1Z_zlXziQvPw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 06:21:00 GMT
x-content-type-options
nosniff
age
395797
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46612
x-xss-protection
0
last-modified
Wed, 17 Nov 2021 09:20:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 02 Dec 2023 06:21:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD34
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 20:39:09 GMT
x-content-type-options
nosniff
server
cafe
age
85108
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:39:09 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD34
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 20:39:09 GMT
x-content-type-options
nosniff
server
cafe
age
85108
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:39:09 GMT
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3...
  • https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=[UID]
86 B
791 B
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=[UID]
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:42 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=[UID]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2570
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4Hfsu-0h2SfVrKLwoAlKB2WzJJU3X3HsMwHBGqXmBQUG37xorMOG-vtECxu7BSypvDxxaAeRJgv9elsjO2pzy0w1jWZX3lB9ERtYlqyYGtMG7oLHZEC0NI2DMUs4g2AE-ib7T_Cpn43M2Oyyiso1qun4GfCjmcvKw39hyvAA_M8JoAfkbc4rR8VtSmduR8nM-JNwhq46e-P2sYR8snlcmtD10HiZT73muNPUnP6sqKqokYA_P7wImPLDyseeKEf8mltf8HJLlqNkNM8Ir6BlfuOYuzRV6mLUL-xHfxI5q0-QMfYvV8u9fF8xG9rxl4RVfxOfvqhssJyVjMmcC48paEewjWc-pUQliP78tUEEEGj_gdQ&sai=AMfl-YT7MD-StiX3YNftGc1D7YPS1iP9TdyvliLwTKItprgAX-7Gby48jGzYWnMzmXQOtaC1JeVj0SmDP-TKABHHv2tEtyzJRRoYdE6pTsdBNmvcOWJj3YbmF_HTsoUqYXXCgA&sig=Cg0ArKJSzBgvDAZY7_mIEAE&uach_m=[UACH]&adurl=
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
15842465133016810807
tpc.googlesyndication.com/simgad/ Frame 2570
43 B
69 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15842465133016810807
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 07:53:21 GMT
x-content-type-options
nosniff
age
563056
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
last-modified
Wed, 30 May 2018 18:01:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 07:53:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 2570
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 00:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
70888
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 00:36:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2570
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 20:17:37 GMT
l
www.google.com/ads/measurement/ Frame 2570
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSH7pobDWjFhVC6RqtCiwUfM-3AlM-J8Y30wDoAcC6DikAuwYiURAVMHzqU80BoafqWC-2vsQU_5l-uc6CMQzghBsfsRg
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

auction
prebid-server.rubiconproject.com/openrtb2/
279 B
469 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
24605a615fda7af9470b768813803fa1c321e30ed8d69fc96b0ae2aa11e0484d

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:37 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
231
expires
0
bid-request
a.teads.tv/hb/
16 B
393 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:37 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 06 Dec 2022 20:17:37 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
506 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=404596&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22484389b9c46517f6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%3F%23PD%3Adesktop%23HVP%3A0%23Source%3Adirect%23Browser%3AChrome%23Topic%3AAuto%23Topic%3ATech%23MCMP%3Aiabc_1%23Sens%3Aalc%23Sens%3Aast%23Sens%3Acbd%23Sens%3Aconl%23Sens%3Acosm%23Sens%3Adat%23Sens%3Adlu%23Sens%3Adrg%23Sens%3Agamc%23Sens%3Agamv%23Sens%3Agrq%23Sens%3Apol%23Sens%3Arel%23Sens%3Asst%23Sens%3Assr%23Sens%3Asrh%23Sens%3Aske%23Sens%3Atob%23Sens%3Awtl%23vp%3A0%23AFOI_2020%3ATrue%23CNST_2021%3ATrue%23DDIG_21%3ATrue%23DEOI_2021%3ATrue%23DSVR_2021%3ATrue%23EXHFCE_2021%3ATrue%23FBSL_2022%3ATrue%23GCREF%3ATrue%23GLDM_2021%3ATrue%23HRSHW_2022%3ATrue%23MSFTA_2022%3ATrue%23NSTLE_22%3ATrue%23SF_RN_122019%3ATrue%23TGNAF_21%3ATrue%23TRGT_022020%3ATrue%23TYTA_22%3ATrue%23VITFM_21%3ATrue%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A6%2C%22msi%22%3A6%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fmail.notateslaapp.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A1%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Below_Post_1%2F6086f736fa0c1f0c8270ab14%22%2C%22adunitcode%22%3A%22AdThrive_Below_Post_1_desktop%22%2C%22divId%22%3A%22AdThrive_Below_Post_1_desktop%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22485d9a6cc82a7074%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22404596%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185759%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22404596%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22404596%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22404596%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22404596%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22404596%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22404596%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F18190176%2FAdThrive_Below_Post_1%2F6086f736fa0c1f0c8270ab14%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Below_Post_1%2F6086f736fa0c1f0c8270ab14%22%2C%22tid%22%3A%220737ee27-c782-4413-acc3-8ddddc74161a%22%2C%22sid%22%3A%221_2%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%22f8ac33f9-162a-4aa6-85cf-fe6c1befb563%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6ba55ab927f6d4a909ab2b23117028fb5215e47875b1d06a25e957ca313a1f9

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSFemDqCZ2lM9UT4l52EGaNc5u3daP8poDGxhUt0A6z6D9QdNsq8Aln1DMKqAx9jA%2BuSe11juKk9XbsV5swJ0KiIp68qwGtEBBNHIEA%2FYwaYUN1nlw1szZ%2BDRWTcu8NdR4BHnzyn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7757b4bf4fa0b3bf-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
bid
krk.kargo.com/api/v2/
2 B
656 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2264aa31a5-eca6-4058-bd8c-7b39543aa4ad%22%2C%22requestCount%22%3A8%2C%22timeout%22%3A2800%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1670357857132%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2248888717265a80a2%22%3A%22_mfu14jCkaN%22%7D%2C%22bidSizes%22%3A%7B%2248888717265a80a2%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B336%2C280%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mfu14jCkaN%22%7D%2C%22auctionId%22%3A%228ca91320-20c5-4cec-a37f-94b26654769d%22%2C%22floorData%22%3A%7B%22skipped%22%3Atrue%2C%22skipRate%22%3A10%2C%22modelVersion%22%3A%22cw-cafemedia%402022-12-05-20%22%2C%22modelWeight%22%3A70%2C%22modelTimestamp%22%3A1670270400%2C%22location%22%3A%22setConfig%22%2C%22floorProvider%22%3A%22rubicon%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22pos%22%3A%22atf%22%2C%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F18190176%2FAdThrive_Below_Post_1%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Below_Post_1%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22tid%22%3A%220737ee27-c782-4413-acc3-8ddddc74161a%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Below_Post_1%2F6086f736fa0c1f0c8270ab14%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B336%2C280%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%5D%2C%22pos%22%3A1%7D%7D%2C%22adUnitCode%22%3A%22AdThrive_Below_Post_1_desktop%22%2C%22transactionId%22%3A%220737ee27-c782-4413-acc3-8ddddc74161a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B336%2C280%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%5D%2C%22bidId%22%3A%2248888717265a80a2%22%2C%22bidderRequestId%22%3A%224872e6d34c607807%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.09999942779541016%5D%2C%22userId.mod.init%22%3A%5B0.6999998092651367%2C1.6000003814697266%2C0.20000076293945312%2C0%2C3.6999998092651367%2C0.09999942779541016%2C0.8000001907348633%5D%2C%22userId.mods.connectId.init%22%3A%5B0.6999998092651367%5D%2C%22userId.mods.criteo.init%22%3A%5B1.6000003814697266%5D%2C%22userId.mods.id5Id.init%22%3A%5B0.20000076293945312%5D%2C%22userId.mods.identityLink.init%22%3A%5B0%5D%2C%22userId.mods.sharedId.init%22%3A%5B3.6999998092651367%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999942779541016%5D%2C%22userId.mods.fabrickId.init%22%3A%5B0.8000001907348633%5D%2C%22userId.init.modules%22%3A%5B9.5%5D%2C%22userId.callbacks.pending%22%3A%5B6269.800000190735%5D%2C%22userId.mod.callback%22%3A%5B86.89999961853027%2C971.8999996185303%2C877.6999998092651%2C1052.6999998092651%5D%2C%22userId.mods.sharedId.callback%22%3A%5B86.89999961853027%5D%2C%22userId.mods.identityLink.callback%22%3A%5B971.8999996185303%5D%2C%22userId.mods.fabrickId.callback%22%3A%5B877.6999998092651%5D%2C%22userId.mods.unifiedId.callback%22%3A%5B1052.6999998092651%5D%2C%22requestBids.usp%22%3A0.09999942779541016%2C%22requestBids.priceFloors%22%3A2%2C%22requestBids.userId%22%3A0.6000003814697266%2C%22requestBids.validate%22%3A2.5%2C%22requestBids.makeRequests%22%3A9.800000190734863%2C%22adapter.client.validate%22%3A0.10000038146972656%2C%22adapters.client.kargo.validate%22%3A0.10000038146972656%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%22f8ac33f9-162a-4aa6-85cf-fe6c1befb563%22%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-108-184.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:37 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
18 B
318 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.18.0&cb=58282523791&lsavail=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/
19 B
741 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.notateslaapp.com%2F&tmax=2800&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.146.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-146-96.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:37 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
cafemedia-d.openx.net/w/1.0/
190 B
199 B
XHR
General
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.notateslaapp.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0737ee27-c782-4413-acc3-8ddddc74161a&nocache=1670357857161&scsm=cafemedia.com%2F6%3A1&us_privacy=1---&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2Cf8ac33f9-162a-4aa6-85cf-fe6c1befb563%2C%2C&aus=300x250%2C320x50%2C336x280%2C320x100%2C468x60%2C250x250%2C1x1&divids=AdThrive_Below_Post_1_desktop&aucs=%252F18190176%252FAdThrive_Below_Post_1%252F6086f736fa0c1f0c8270ab14&auid=538699862&tps=c2Vucz1hbGMsYXN0LGNiZCxjb25sLGNvc20sZGF0LGRsdSxkcmcsZ2FtYyxnYW12LGdycSxwb2wscmVsLHNzdCxzc3Isc3JoLHNrZSx0b2Isd3RsJmJ1Y2tldD1iZXRhMTpvdnJkJmhpX2F1PQ%3D%3D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c4e32c5372861f11185b57c491aacac964b320c83a7c3831cb2c638daa8ab81f

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:37 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
63 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
20 KB
8 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881394&size_id=15&alt_size_ids=1%2C14%2C16%2C43%2C117%2C221&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!cafemedia.com,6086f736fa0c1f0c8270ab14,1,f8ac33f9-162a-4aa6-85cf-fe6c1befb563,,&eid_pubcid.org=996b3fe4-cfc2-4673-b5fd-f5099e120d17%5E1&rf=https%3A%2F%2Fwww.notateslaapp.com%2F&tg_i.iab=1&tg_i.site_code=AFOI_2020%2CCNST_2021%2CDDIG_21%2CDEOI_2021%2CDSVR_2021%2CEXHFCE_2021%2CFBSL_2022%2CGCREF%2CGLDM_2021%2CHRSHW_2022%2CMSFTA_2022%2CNSTLE_22%2CSF_RN_122019%2CTGNAF_21%2CTRGT_022020%2CTYTA_22%2CVITFM_21&tg_i.site_id=6086f736fa0c1f0c8270ab14&tg_i.sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&tg_i.verticals=Auto%2CTech&tg_i.pmp_elig=true&tg_i.mcmp=iabc_1&tg_i.refresh=false&tg_i.vp=0&tg_i.pos=atf&tg_i.pbadslot=%2F18190176%2FAdThrive_Below_Post_1%2F6086f736fa0c1f0c8270ab14&tk_flint=pbjs_lite_v7.18.0&x_source.tid=0737ee27-c782-4413-acc3-8ddddc74161a&l_pb_bid_id=49868f64bbe1f0be&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Below_Post_1%2F6086f736fa0c1f0c8270ab14&slots=1&rand=0.7669458970536183
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1f388e527f3c8a1030ab89bfdba9df23abd1b93f7070089d22968db8fdf8c6b8

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:37 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
140 B
991 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f648e51a4e7c84e4bccec40b87eade9ff8fdd6e4e9975263ea5dfde9c19b1b52
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:37 GMT
AN-X-Request-Uuid
8de33cbe-821d-4440-ba7b-d0f7d7db23b6
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:37 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:37 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:37 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
cafemedia
direct.adsrvr.org/bid/bidder/
0
405 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:36 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/
2 B
248 B
XHR
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.123 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
truncated
/ Frame 2570
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6679dacee12b82125421209763f795ddf21d8acbf5cb9094e01e3efa0c821d8d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame FFB8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3f7bZjJEHOWM7Yk3O9HB9xG9GI2A_6j6CW4te9amOhkOjbvA073gv3iT7AIOUoI6hnzA5m_uLSNq_FSMSt55b4_r5yBtuArwkP4gBgXHTNj0ma1eBU10qIKjFtJ3oeJGHaqvP53Q5CL8wCOWj6DgXQfZyUe9OiIjUmKfy31f2OImaya2D1Cva7V_0cfAWTSOlzdh8bf6M0BqQ4twrsdLlAe199Y2p8M3hwcbS1T9TTx-t5IJrVd0erdrUC8MZvsBhvyRtvU8u0uZ73uQCoGgzcqfyAw7yl4rqOScYiCvxDID0BuyCrFl_7aPr4W3up8p4uVTJHPyPHxGxi9aP1Kx-QWnNTCsrVgmDJmQVn1Y8oeoNnQ&sai=AMfl-YTQRddFNT_mD40DTllnY72uA-kqwIFxSJXrFYImskKLLnYcDK6EFLvR4cdULIaMelhfemyS4eZxsJ_iBGDUSpNnDNx_cu83zD7NNpInuxoGLmMOsZYEVpA796Fnl4YMog&sig=Cg0ArKJSzKPQe6i0zUDuEAE&uach_m=[UACH]&adurl=
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
15842465133016810807
tpc.googlesyndication.com/simgad/ Frame FFB8
43 B
69 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15842465133016810807
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 07:53:21 GMT
x-content-type-options
nosniff
age
563056
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
last-modified
Wed, 30 May 2018 18:01:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 07:53:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame FFB8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 00:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
70888
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 00:36:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FFB8
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 20:17:37 GMT
l
www.google.com/ads/measurement/ Frame FFB8
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkyRWQqahoPByhc9SD76Tfos3v2hAQFwWwpq45-gdCBYBFBUkNkjNmSqb0C0KWBiqY_h9YkwTuO3nHDhufWWpQhIkcjA
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

truncated
/ Frame FFB8
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63c09fdceddb600e6fbc240eafc1270be6e1735ec87086af1a643b4f6d4adcb4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mail.notateslaapp.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame B8EB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LBCNXQNN-11-M5LE
  • https://usersync.gumgum.com/usersync?b=mag&i=LBCNXQNN-11-M5LE
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LBCNXQNN-11-M5LE
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:37 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LBCNXQNN-11-M5LE
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2570
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuh_JaMPMfxyNqVjWIn9wJXzG29KOoQ7kRGMbDpmhpljCg1SvVxGj3lq36jSCF3hLb338W28ZkfOKqVcJcli68tiin2ZX1Ise0d0fRrmAUzgFycY1WWsra5k7UAcd-D6a4s_pCMZKGZx18ouf21uMBJuq8iqBqiUdUWKL3yNQZKSOERcHRfJWJ-FaSSBpGVHquv4ETRxT6G0uZqX33QsFKC02lcPI0sYnQFJcohWXCzvH62YnjIC3ItHT_fhBPrOd14AHhlolXMivAuPjbcv8sJbPLu6dzqzcOui8h4oIWe5dKFFj1QE3QMkuBXdQRGxuB5ktXui5l9Zgg9qB0nvlVEHbzxkgylyn4xpz2CjI-A3PSW-7jA&sai=AMfl-YRf15tFX-YJ4rXLWag2L5J3j_FEwZ2gbDRV4M-ag9VP_EN7PneoG8Q0eWr2qrcob1jYukonazdAv323Lx7yO_qOJuwR6OyweLAp4iFHI_tVUAqtd6USke1yCTKz9o7WHw&sig=Cg0ArKJSzLzmM0sJ2YHIEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:17:37 GMT
ads
securepubads.g.doubleclick.net/gampad/
22 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1113482156589776&correlator=1829992647621185&eid=31070873%2C31071149&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=18190176%3A22569774571%2CAdThrive_Below_Post_1%2C6086f736fa0c1f0c8270ab14&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C320x50%7C336x280%7C320x100%7C468x60%7C250x250%7C1x1&fluid=height&ifi=9&adks=2876429743&didk=105913396&sfv=1-0-40&fsbs=1&prev_scp=location%3DBelow_Post%26sequence%3D1%26id%3DAdThrive_Below_Post_1_desktop%26ATF%3Dtrue%26lazy%3Dtrue%26inf_scroll%3D1%26refresh%3D00%26nref%3D0%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dfv%253As%2Chbf%253A0%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D320x50%26hb_pb_rubicon%3D6.30%26hb_adid_rubicon%3D514967b44f463f2f%26hb_adomain%3Duhc.com%26hb_format%3Dbanner%26hb_size%3D320x50%26hb_pb%3D6.30%26hb_adid%3D514967b44f463f2f%26hb_bidder%3Drubicon&eri=5&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A466%252Cpmp_elig%253A1%252Cclson%253Afalse%252CclsBranch%253A%252CclsBucket%253A%252Clmdv%253A1.13.0%252Cidp%253Ash%252Crf%253A0%26siteId%3D6086f736fa0c1f0c8270ab14%26organizationId%3D6233884d998a8b7088d720e4%26siteName%3DTesla%2520Software%2520Updates%26verticals%3DAuto%252CTech%26abgroup%3Dwvtls%253Aon%252Ctpcapi%253Aon%252Camzn_hold_load%253Aoff%252Cflr%253Arubi%252Cflrdt%253Anone%252Cclsins_ss%253Atrue%252Cebho%253Ayieldmo_ebda%252Cloglevel%253Aoff%252Cidho%253Aoff%252Clzhb%253Aon%252Clzcvp%253A2%252Clzbpvp%253A0.75%252Ctripleliftdr%253Aboth%252Cmagnitedr%253Aclient%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_grid%253Aon%252Cpbs2s_gumgum%253Aoff%252Cpbs2s_openx%253Aoff%252Cadt%253A0%252Cito_ds%253A2800%252C3pho%253Anone%252Cvebho%253Amedianet_ebda%252Ccbt%253A0s%252Cvast_to%253A10s%252Cproto%253Aall%252Cpbm%253Aon%252CreqTo%253A10%252Cvadv%253Aon%252Csmhd100%253Aoff%252Csmad300%253Aon%252Cdcsll%253Aoff%252Cjwb%253Aon%252Cs2sbuff%253A300%252Ccoldr%253Aboth%252Crmos1%253Aoff%252Csocon%253A0%252Cdco%253Arelaxed%252Cmxrpog%253A5%252Cdajto%253Aoff%252Cvpred_1%253A90%252Ccrtvmon%253Aoff%252Cpba%253Anone%252Camzn_hold_disp%253Aoff%252Cbmetrics%253Aon%252Cconfiant%253Aprod%252Ccnfep%253Aon%252Crefvidflr%253A1%252Csocbe%253Asovpct2%252Clogcls%253Aoff%252Crebuildslot%253Aon%252Cupl%253Aoff%252Csekho%253Aoff%252Csospp%253Aon%252Crmosnv1%253Aoff%26bucket%3Dbeta1%253Aovrd%26sens%3Dalc%252Cast%252Ccbd%252Cconl%252Ccosm%252Cdat%252Cdlu%252Cdrg%252Cgamc%252Cgamv%252Cgrq%252Cpol%252Crel%252Csst%252Cssr%252Csrh%252Cske%252Ctob%252Cwtl%26domain%3Dmail.notateslaapp.com%26plugin%3Dadthrive-ads-1.0.43-manual%26hi_au%3Dod%252Com%26vpwxvph%3D1600x1200%26ri%3D38%26pvk%3D01GKMHC4ACP2NW24G3NES42JG8%26sess%3D01GKMHC4AC8WZPTG7R81MC0H70%26branch%3Db1d93de%26deployment%3Dade-454%253Apr2851%253Abeta1%253Ab1d93de%253Aexp%26hbho%3Dconversant%252Cnativo%26vbho%3Dtelaria%26gptv%3D2022120101%26connection%3Dniet%253A4g%252Cdl%253A9.9%26fpv%3D1%26mcmp%3Diabc_1%26site_code%3DAFOI_2020%252CCNST_2021%252CDDIG_21%252CDEOI_2021%252CDSVR_2021%252CEXHFCE_2021%252CFBSL_2022%252CGCREF%252CGLDM_2021%252CHRSHW_2022%252CMSFTA_2022%252CNSTLE_22%252CSF_RN_122019%252CTGNAF_21%252CTRGT_022020%252CTYTA_22%252CVITFM_21%26marmalade%3Dtrue&sc=1&cookie=ID%3De62bfd75286d4a2b%3AT%3D1670357852%3AS%3DALNI_MbSa04HuTLtbY88nOYthFcT--Ucmw&gpic=UID%3D00000577a16016cd%3AT%3D1670357852%3ART%3D1670357852%3AS%3DALNI_Mbd4xPtJQ67_8GMrAXmZnHbaXvf7Q&abxe=1&dt=1670357857751&dlt=1670357846833&idt=1993&adxs=430&adys=7200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.notateslaapp.com%2F&frm=20&vis=1&psz=660x609&msz=660x250&fws=0&ohw=0&psts=AMjMPc1mjJ2mvMkpawzY4PTaCwJKkPvjbHbPz3rZTKLnfAiLGNtVeFLrcnlhoqpdpwjKJW4PkDbft7NgKwaJbo-UczwWYS0U7aCbmQ%2CAMjMPc0ejTN65aBuLIOuiXOjG3gy6i82jUGYxYarG_YFVH4VNOmmACxGijThxBqFTT74alCKYjv9QnQAyAs4vAvdPV8-jT8WthuZtQ%2CAMjMPc1Tp5EryoFxCaJBS4deUs4WaxITftYRGcsdqhNRjBwsfw_Y-q3FpIaayMrKpY1J9FWNyg58hnUHrUt4D7H95EAFXFXUhk_Kdw%2CAMjMPc0nPVCHjSLdnf-6VSWJOKk5avE2Va28iPTnHXZ44ywoHp-MSNK--g6IpRx2AZZTWrC_lGnLfecDtjovHT6ZGDTko7enOku7Kg%2CAMjMPc0hthzr3NYibb930e5TMb9HDOht4EDQ2XSZ0UTrYI_UX5R8rGqnmaQWZlT_732tQeQp8Nt427VV0_HlqkJDzust2tKzxXUzMw&ga_vid=355545597.1670357848&ga_sid=1670357851&ga_hid=1721253892&ga_fc=true&cbidsp=Ct0ECAESEQoIdHJpcGxfc3MQ9wIgAjgCEg0KBGdyaWQQ9wIgAjgCEhMKCmJyaWdodHJvbGwQ9wIgAjgCEhAKB3B1Ym1fc3MQ9wIgAjgCEhAKB3lpZWxkbW8Q9wIgAjgCEhEKCDMzYWNyb3NzEPcCIAI4AhIPCgZ1bnJ1bHkQ9wIgAjgCEg8KBmNvbF9zcxD3AiACOAISDAoFdGVhZHMQzgIgAhIJCgJpeBDTAiACEgkKAml4ENMCIAISDAoFa2FyZ28QqQIgAhINCgZjcml0ZW8QvwIgAhIRCgp0cmlwbGVsaWZ0EMcCIAISDAoFb3BlbngQkwIgAhIPCghwdWJtYXRpYxCMAiACErUBCgdydWJpY29uEN8CGqQBChA1MTQ5NjdiNDRmNDYzZjJmEMCXhAMaA1VTRCIJaGJfYmlkZGVyIgdoYl9hZGlkIgVoYl9wYiIHaGJfc2l6ZSIJaGJfZm9ybWF0IgpoYl9hZG9tYWluIg9oYl9hZGlkX3J1Ymljb24iDWhiX3BiX3J1Ymljb24iD2hiX3NpemVfcnViaWNvbiIRaGJfZm9ybWF0X3J1Ymljb24oAToFCMACEDIgARIPCghhcHBuZXh1cxC9AiACEhMKDHNoYXJldGhyb3VnaBDAAiACEhMKDHNoYXJldGhyb3VnaBDAAiACEhMKDHNoYXJldGhyb3VnaBDAAiACEgoKA3R0ZBC9AiACEg8KCGNvbG9zc3VzELwCIAIYAiIkMDczN2VlMjctYzc4Mi00NDEzLWFjYzMtOGRkZGRjNzQxNjFhKgQIAyAASgBAxBM.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2e9089d4560e7ece4ae0bb6c6dfcc5a760aa50729da005b1eabcf2ed67f3cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9515
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRmiRMKle1CVTE-6sy3m-IUMzSTkxigjmOMWGAQU6bEtWqbgWgbhY77DoRlfBc2XnvaTXFOXiarC4o0oHpL_Zywhh800KhDfK4aXr72YuhivZ6mc4eVSI05yociIRgFmcSKtMZPDfBGsOIQxpx0phoTmUw2iO_i2k&sai=AMfl-YS8WNhJ6qsxbdilGnX8_bPGVowXiwjohd2bTiagzvR5HG9WXZ1WAwAyVKShQEXP7ByMBr7iXerDsbqc26lAr7cdtGmD17Kt8LFd_St07ZcYzSgPA4ZEnTaFLce7duNZsOJgwRTlxmKTFj0eikk&sig=Cg0ArKJSzKkWul05ZBYSEAE&cid=CAQSSwDq26N95xnz3Vli8jd_YZX4lPGKbuupF37elhPulqTEg0rNPGRtKGMwAVppvvD1MWgp1D94IwYbMaHYrmqpBXPaZ9sDNS4oMq7vDhgBIBM&id=ampim&o=315,105&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1180&mtos=0,0,0,1180,1180&tos=0,0,0,1180,0&tfs=3931&tls=5111&g=100&h=100&tt=5111&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FFB8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugbmQhjBNTllTy3akySKtp8dDgOfmEJXqzXDtSdGmF0G7hqMOuaxVGOXzYdSqekVuN0beOLYlSXdx_gNdndCcLeK0TSuiOorIRjxZ7p2KGN0V5KUGnkMmwoC75XAskPqAWJu8fZ9vaJdTXOpa_O1-frWXLTKOz2zbgrxftwu83CwM0sODTeOECWFnUF5fbLnCIruI9nPaK-EaUCwLYklUMBYpoq5KKHWVLlkWKzRtqlYD8qw5vkdsOnZLU19hJdORIUqQH-fK4LDANlQ2nYMmQ7Rk6FlwWcczvve80RrkxWKF9OGm6TgpUutmp1_4nC9iFFPzQs2LjPD4T--WthK18iX0cncTb_aLSQg1AuBF58qjZVT2p&sai=AMfl-YSs7Bu3GZ6SQeCEi4q9PKYFpyBm-WJWfxG6gQa-2BmN-u52h3yHyKCjvSKHHPXIRVG_pvpbZ0nWQQW4hqpnu_uXY2_JalIeytiiouYft1EsaRjUg8rJKfyHnydBFgZLTw&sig=Cg0ArKJSzLCZ0eaRmVj8EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 20:17:38 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4001
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWuhXUXFKKIlMIvgrkbSF2cZgmjRiYowFM41p60hdXHecEL-V-5L_rnb-KSYkGq1rhKvrANJKHeQsdlKi6PN6vujHJsuOJ6dVVOc8qZRRFdKWzENsYpHHPRBnhz44AXikGnOPVzbtbDgHSVXSmFBqHEWBPvQp2wkQ7rbBn2vqqoZJy7yeGW0o67hSRoD5smbGRuYTfXPh15fM6Kxg03rL5dc2LZRV-aFPJeNptvPPWR5D_boenDxBZrSF9QNclrQP40kRc8gT89FQ96Q0OB_EVZnq3lAbC_aQI2-J7YpCQuED-5o4J7q79nfwOQwCc4JYkMPYfKwwqhKI19MrXkwmJldg7utza41OVRQ9SJREQdmRS3hqa01iGlNFsdX1TbxugaTaryw_ifbhUxdDxowmUaO2PpVLqP3Z9SrDzLKaqeSEUq4qINyEXbE4qg1oHaH4FRhN_qlxRiyAchERO-SASf77w0tpON8w4R8NY5I6uRyuWxCJeUnJuHEZgRiM3fwtqSBEfbfeLLNsuUnf89ra5C5UX3m34qpnimvcC0r_Bmegebn52VyibpWYOv8Nvf-GsPUXPd57TwhYiHA98nCcy9dniV79V9Z9RbnR3pdQJxctHySUA6_jzIdfOoFO6mfoVkqPIaNKSFNKJsjeXUzsIyxvYA22S46kqfqJi-nHZBchETFTmAMBQnXHQnF2RXL6ECMgNnOTyEwS1MtC7luLuqdN1g_G88_BhdafozIywh2rNM3nfjfqRW1zZNbU7ohteHxPJg-BheNVjjCTwlUICamcww7idEKXRzXdutqpCNVhXwQlxT7Kxhrce4zoxMk9T3ePPaR7tLgToci52-HSDy19AHx2tZ2Sjz-UPo3priWAd0qv0mPqTxUfER9Qj5hTt8mMDBAI8M-c6GlC0iy3Y5dWI6h4TVf66Du4bSAsHuk1CfaUEviFmsXi564TatobWV2D3EtivVfLW7OBqb46dNR8Izke5iJErBzwsgOlNh-oT07rRVNcCxbr_HZ3aH42lF5GUJl5ZaGYPwQVtYsHIb8w2D3gHg53jh29CXgktukiDlEyjkJvleAPoiG5SxJA&sai=AMfl-YSb_d0PDIvFZo02DqOEljcWtINrXVM2EH586vwo1qfjst56bRUSjkfFs262G9s08WTMB6IdtnFmhq4auU4MN2mUlROyUxJn2ucn8k0kQuPQ7KINAjPLXB025AISN46IA0GHu63vZFE6l6Ph&sig=Cg0ArKJSzBr2monXmVFMEAE&cid=CAQSPADq26N9_RGkHfqEiVw2hkledM0Le23qWUnyqmi_zVirmDBQz2NbqDPh8b2ZgLg1JJdVcQPM_4vTs0-sVRgBIBM&id=ampim&o=240,917&d=120,240&ss=1600,1200&bs=1600,1200&mcvt=1050&mtos=0,0,1050,1050,1050&tos=0,0,1050,0,0&tfs=3100&tls=4150&g=100&h=100&tt=4150&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mail.notateslaapp.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
29 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1113482156589776&correlator=3246375354319195&eid=31070873%2C31071149&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=18190176%3A22569774571%2CAdThrive_Content_4%2C6086f736fa0c1f0c8270ab14&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C320x50%7C336x280%7C300x50%7C320x100%7C468x60%7C250x250%7C1x1%7C300x300%7C552x334&fluid=height&ifi=10&adks=978145740&didk=2049825692&sfv=1-0-40&fsbs=1&prev_scp=location%3DContent%26sequence%3D4%26id%3DAdThrive_Content_4_desktop%26lazy%3Dtrue%26inf_scroll%3D1%26refresh%3D00%26nref%3D0%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dfv%253A2%2Chbf%253A0&eri=5&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A466%252Cpmp_elig%253A1%252Cclson%253Afalse%252CclsBranch%253A%252CclsBucket%253A%252Clmdv%253A1.13.0%252Cidp%253Ash%252Crf%253A0%26siteId%3D6086f736fa0c1f0c8270ab14%26organizationId%3D6233884d998a8b7088d720e4%26siteName%3DTesla%2520Software%2520Updates%26verticals%3DAuto%252CTech%26abgroup%3Dwvtls%253Aon%252Ctpcapi%253Aon%252Camzn_hold_load%253Aoff%252Cflr%253Arubi%252Cflrdt%253Anone%252Cclsins_ss%253Atrue%252Cebho%253Ayieldmo_ebda%252Cloglevel%253Aoff%252Cidho%253Aoff%252Clzhb%253Aon%252Clzcvp%253A2%252Clzbpvp%253A0.75%252Ctripleliftdr%253Aboth%252Cmagnitedr%253Aclient%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_grid%253Aon%252Cpbs2s_gumgum%253Aoff%252Cpbs2s_openx%253Aoff%252Cadt%253A0%252Cito_ds%253A2800%252C3pho%253Anone%252Cvebho%253Amedianet_ebda%252Ccbt%253A0s%252Cvast_to%253A10s%252Cproto%253Aall%252Cpbm%253Aon%252CreqTo%253A10%252Cvadv%253Aon%252Csmhd100%253Aoff%252Csmad300%253Aon%252Cdcsll%253Aoff%252Cjwb%253Aon%252Cs2sbuff%253A300%252Ccoldr%253Aboth%252Crmos1%253Aoff%252Csocon%253A0%252Cdco%253Arelaxed%252Cmxrpog%253A5%252Cdajto%253Aoff%252Cvpred_1%253A90%252Ccrtvmon%253Aoff%252Cpba%253Anone%252Camzn_hold_disp%253Aoff%252Cbmetrics%253Aon%252Cconfiant%253Aprod%252Ccnfep%253Aon%252Crefvidflr%253A1%252Csocbe%253Asovpct2%252Clogcls%253Aoff%252Crebuildslot%253Aon%252Cupl%253Aoff%252Csekho%253Aoff%252Csospp%253Aon%252Crmosnv1%253Aoff%26bucket%3Dbeta1%253Aovrd%26sens%3Dalc%252Cast%252Ccbd%252Cconl%252Ccosm%252Cdat%252Cdlu%252Cdrg%252Cgamc%252Cgamv%252Cgrq%252Cpol%252Crel%252Csst%252Cssr%252Csrh%252Cske%252Ctob%252Cwtl%26domain%3Dmail.notateslaapp.com%26plugin%3Dadthrive-ads-1.0.43-manual%26hi_au%3Dod%252Com%26vpwxvph%3D1600x1200%26ri%3D38%26pvk%3D01GKMHC4ACP2NW24G3NES42JG8%26sess%3D01GKMHC4AC8WZPTG7R81MC0H70%26branch%3Db1d93de%26deployment%3Dade-454%253Apr2851%253Abeta1%253Ab1d93de%253Aexp%26hbho%3Dconversant%252Cnativo%26vbho%3Dtelaria%26gptv%3D2022120101%26connection%3Dniet%253A4g%252Cdl%253A9.9%26fpv%3D1%26mcmp%3Diabc_1%26site_code%3DAFOI_2020%252CCNST_2021%252CDDIG_21%252CDEOI_2021%252CDSVR_2021%252CEXHFCE_2021%252CFBSL_2022%252CGCREF%252CGLDM_2021%252CHRSHW_2022%252CMSFTA_2022%252CNSTLE_22%252CSF_RN_122019%252CTGNAF_21%252CTRGT_022020%252CTYTA_22%252CVITFM_21%26marmalade%3Dtrue&sc=1&cookie=ID%3De62bfd75286d4a2b%3AT%3D1670357852%3AS%3DALNI_MbSa04HuTLtbY88nOYthFcT--Ucmw&gpic=UID%3D00000577a16016cd%3AT%3D1670357852%3ART%3D1670357852%3AS%3DALNI_Mbd4xPtJQ67_8GMrAXmZnHbaXvf7Q&abxe=1&dt=1670357858722&dlt=1670357846833&idt=1993&adxs=430&adys=6497&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.notateslaapp.com%2F&frm=20&vis=1&psz=660x7075&msz=660x250&fws=0&ohw=0&psts=AMjMPc1mjJ2mvMkpawzY4PTaCwJKkPvjbHbPz3rZTKLnfAiLGNtVeFLrcnlhoqpdpwjKJW4PkDbft7NgKwaJbo-UczwWYS0U7aCbmQ%2CAMjMPc0ejTN65aBuLIOuiXOjG3gy6i82jUGYxYarG_YFVH4VNOmmACxGijThxBqFTT74alCKYjv9QnQAyAs4vAvdPV8-jT8WthuZtQ%2CAMjMPc1Tp5EryoFxCaJBS4deUs4WaxITftYRGcsdqhNRjBwsfw_Y-q3FpIaayMrKpY1J9FWNyg58hnUHrUt4D7H95EAFXFXUhk_Kdw%2CAMjMPc0nPVCHjSLdnf-6VSWJOKk5avE2Va28iPTnHXZ44ywoHp-MSNK--g6IpRx2AZZTWrC_lGnLfecDtjovHT6ZGDTko7enOku7Kg%2CAMjMPc0hthzr3NYibb930e5TMb9HDOht4EDQ2XSZ0UTrYI_UX5R8rGqnmaQWZlT_732tQeQp8Nt427VV0_HlqkJDzust2tKzxXUzMw&ga_vid=355545597.1670357848&ga_sid=1670357851&ga_hid=1721253892&ga_fc=true&cbidsp=CvcDCAESEQoIdHJpcGxfc3MQ9BMgAjgCEg0KBGdyaWQQ9BMgAjgCEhMKCmJyaWdodHJvbGwQ9BMgAjgCEhAKB3B1Ym1fc3MQ9BMgAjgCEhAKB3lpZWxkbW8Q9BMgAjgCEhEKCDMzYWNyb3NzEPQTIAI4AhIPCgZ1bnJ1bHkQ8RMgAjgCEg8KBmNvbF9zcxDxEyACOAISDAoFdGVhZHMQ_AcgAhIJCgJpeBD2ByACEgkKAml4EPYHIAISCQoCaXgQ9gcgAhIJCgJpeBD2ByACEgkKAml4EPYHIAISCQoCaXgQ9gcgAhIJCgJpeBD2ByACEgkKAml4EPYHIAISDAoFa2FyZ28Q8AcgAhINCgZjcml0ZW8Q6QcgAhIRCgp0cmlwbGVsaWZ0EOAHIAISDAoFb3BlbngQ5AcgAhIPCghwdWJtYXRpYxDkByACEg4KB3J1Ymljb24Q4wcgAhIPCghhcHBuZXh1cxDjByACEhMKDHNoYXJldGhyb3VnaBCyCCACEhMKDHNoYXJldGhyb3VnaBCyCCACEhMKDHNoYXJldGhyb3VnaBCyCCACEgoKA3R0ZBCwCCACEg8KCGNvbG9zc3VzELAIIAIYAiIkMDI3ZWE2Y2UtYzBkMy00MWQ1LTlhMjAtYzdkOGU3MTJjYjgyKgQIAyAASgBAxBM.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e85eb299ab524fe79fa27ae644cf8e50c840719e968c77ff35b9b22d7c4ae7dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12810
x-xss-protection
0
google-lineitem-id
5139771563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138248453531
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
prebid-a.rubiconproject.com/
0
125 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 20:17:39 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 06 Dec 2022 20:17:39 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/
0
125 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 20:17:39 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 06 Dec 2022 20:17:39 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/
0
125 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 20:17:40 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 06 Dec 2022 20:17:40 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/
0
125 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 20:17:41 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-241-248.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 06 Dec 2022 20:17:41 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 235C
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157716
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 20:17:42 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 08 Dec 2022 16:06:18 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1-...
  • https://sync.targeting.unrulymedia.com/csync/RX-a2d0274a-909f-4f09-a395-d674db312b81-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=RX-a2d0274a-909f-4f09-a395-d674db312b81-005
86 B
901 B
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=RX-a2d0274a-909f-4f09-a395-d674db312b81-005
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

Date
Tue, 06 Dec 2022 20:17:42 GMT
Server
Tengine
ETag
RXa2d0274a909f4f09a395d674db312b81005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=RX-a2d0274a-909f-4f09-a395-d674db312b81-005
Content-Type
text/html
Connection
keep-alive
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/rubiconprebidserver?gdpr=&euconsent=&us_privacy=1---&url=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dbrightroll%26gdpr%3D%26gdpr_consent%3D%2...
  • https://prebid-server.rubiconproject.com/setuid?bidder=brightroll&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=y-IMBadR5E2oK60JNU2KMNQh9TMMoyC.IcHnWQvh6hRPCQ9FsDjVV7dQ--~A
86 B
1 KB
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=brightroll&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=y-IMBadR5E2oK60JNU2KMNQh9TMMoyC.IcHnWQvh6hRPCQ9FsDjVV7dQ--~A
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

date
Tue, 06 Dec 2022 20:17:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://prebid-server.rubiconproject.com/setuid?bidder=brightroll&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=y-IMBadR5E2oK60JNU2KMNQh9TMMoyC.IcHnWQvh6hRPCQ9FsDjVV7dQ--~A
content-length
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26us_pr...
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=1b8565b089151620&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcon...
  • https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=AAABxP7F2w1RCwN4-IgnAAAAAAA&expiration=1670444264&is_secure=true
86 B
1 KB
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=AAABxP7F2w1RCwN4-IgnAAAAAAA&expiration=1670444264&is_secure=true
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:44 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=AAABxP7F2w1RCwN4-IgnAAAAAAA&expiration=1670444264&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D...
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&account=&f=i&uid=gc5be86089e62789db8b&gdpr=&gdpr_consent=&us_privacy=1---
86 B
1 KB
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&account=&f=i&uid=gc5be86089e62789db8b&gdpr=&gdpr_consent=&us_privacy=1---
Requested by
Host: mail.notateslaapp.com
URL: https://mail.notateslaapp.com/
Protocol
H2
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:44 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&account=&f=i&uid=gc5be86089e62789db8b&gdpr=&gdpr_consent=&us_privacy=1---
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
sync
eb2.3lift.com/ Frame 5945
1 KB
2 KB
Document
General
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
331960c478cb980624cdd4781e1cd57d8b4d1590034153d0c9b223a5299ed8b0

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1324
content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 20:17:44 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
us-u.openx.net/w/1.0/ Frame 128C
711 B
467 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=0&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7c223edc3992be2228ac26b845ad904ea5c3dcce8dde45e7c4039d43e31dffe2

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
448
content-type
text/html
date
Tue, 06 Dec 2022 20:17:44 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
syncframe
gum.criteo.com/ Frame 1D52
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=www.notateslaapp.com&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 20:17:43 GMT
server
Kestrel
server-processing-duration-in-ticks
463108
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame E6A1
1 KB
2 KB
Document
General
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
331960c478cb980624cdd4781e1cd57d8b4d1590034153d0c9b223a5299ed8b0

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1324
content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 20:17:44 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F6D0
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157347&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157714
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 20:17:44 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 08 Dec 2022 16:06:18 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 3507
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Dec 2022 20:17:44 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame ADA7
9 KB
3 KB
Document
General
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2191:fc00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
629d62adfad8d2674fb6b83a8ba85e3d76dd9f0e63a7a51b5753d0ea223af396

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
42489
content-encoding
gzip
content-type
text/html
date
Tue, 06 Dec 2022 08:29:37 GMT
etag
W/"5622b32305c47b2be916a6c424eed515"
last-modified
Mon, 07 Nov 2022 14:19:07 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 71f1cca040033ebffc591cf9392d1528.cloudfront.net (CloudFront)
x-amz-cf-id
xVpOJcQ73hy2bOpWiytKAQhY9ZAI8MXpOgfOInSSyIo36gMxsjpnQw==
x-amz-cf-pop
IAD89-C1
x-amz-replication-status
COMPLETED
x-amz-version-id
FcgX1qjTYQoJcn.Q.j6.Q9icc5uN_Nnv
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B705
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157347&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157714
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 20:17:44 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 08 Dec 2022 16:06:18 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 6883
3 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
203
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7757b4f0a9a52286-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 20:17:45 GMT
expires
Wed, 07 Dec 2022 00:17:45 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4CDE
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.202.212 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-202-212.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 06 Dec 2022 20:17:45 GMT
ETag
"623de86a-cf34"
Expires
Wed, 07 Dec 2022 20:17:47 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 56CE
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
203
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7757b4f0a9ab2286-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 20:17:45 GMT
expires
Wed, 07 Dec 2022 00:17:45 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
  • https://stags.bluekai.com/site/92145?id=b1d435b5-77d4-4214-8692-93c49c8f540c&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D452%26ssp%3Dthemediagrid%26user_id%3D&limit=1
  • https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 20:17:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:46 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
cache-control
max-age=0, no-cache, no-store
content-length
0
bk-server
3cf3
expires
Thu, 01 Dec 1994 16:00:00 GMT
155.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_db53a96b-9455-4d40-85d9-23765280425c&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/441/434/8/2.gif?puid=8205d9cc-310c-4610-a63c-359c41781615&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F7%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/441/108/7/3.gif?puid=bf73b27f-b0e3-4b52-be1d-6c53fcb39798&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-8ecbq4TvVHhIvZpG6uftSXWbGT0sPgb2CB3elwpomA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F6%2F4.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/6/4.gif?puid=106821f5-3053-473b-bce8-72435f5b3091&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=20b9b72d-4be5-428b-b562-110fee7c8206&ttl=%%TTL%%
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F4%2F6.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/203/4/6.gif?puid=978fb9bb-8505-4b8e-83fb-878977f26f9c&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-8ecbq4TvVHhIvZpG6uftSXWbGT0sPgb2CB3elwpomA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F3%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/441/3/3/7.gif?puid=d460638f-a35f-4400-9851-98d66543df75&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F2%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/441/429/2/8.gif?puid=85DC2051-57CB-4AF5-8B38-9847A0099E99&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/1/9.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/2/1/9.gif?puid=630481314781216515&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAA5dE7HH0cAAB-zaSXqQA
43 B
2 KB
Image
General
Full URL
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAA5dE7HH0cAAB-zaSXqQA
Protocol
HTTP/1.1
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 06 Dec 2022 20:17:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAA5dE7HH0cAAB-zaSXqQA
Date
Tue, 06 Dec 2022 20:17:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ibs:dpid=903&dpuuid=20b9b72d-4be5-428b-b562-110fee7c8206
dpm.demdex.net/
Redirect Chain
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=20b9b72d-4be5-428b-b562-110fee7c8206&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=20b9b72d-4be5-428b-b562-110fee7c8206
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=20b9b72d-4be5-428b-b562-110fee7c8206
Protocol
HTTP/1.1
Server
54.149.113.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-113-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-074787a83.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6EuXl3vTTDQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=20b9b72d-4be5-428b-b562-110fee7c8206
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
189
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=2713539e-0a1b-4190-9dfd-efdcecb5be29&gdpr=0&gdpr_consent=
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=7c1aa1afff940516&is_secure=true&networkId=44410&version=1&nuid=2713539e-0a1b-4190-9dfd-efdcecb5be29&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAHwrOir2IMdwMtFdFbAAAAAAA&expiration=1670444265&nuid=2713539e-0a1b-4190-9dfd-efdcecb5be29&is_secure=true&g...
68 B
280 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAHwrOir2IMdwMtFdFbAAAAAAA&expiration=1670444265&nuid=2713539e-0a1b-4190-9dfd-efdcecb5be29&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
3.92.113.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-113-255.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:45 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:45 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAHwrOir2IMdwMtFdFbAAAAAAA&expiration=1670444265&nuid=2713539e-0a1b-4190-9dfd-efdcecb5be29&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed3ac098b3062d8146bb87e4d9926d4e1ff9cb6266da66b9878f55eeebd558db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11155
x-xss-protection
0
rum
cloudflareinsights.com/cdn-cgi/ Frame
0
0
Preflight
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
86400
cf-ray
7757b4f0abf62275-MIA
content-encoding
gzip
content-type
text/plain
date
Tue, 06 Dec 2022 20:17:45 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
rum
cloudflareinsights.com/cdn-cgi/ Frame
0
0
Preflight
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
86400
cf-ray
7757b4f0abfe2275-MIA
content-encoding
gzip
content-type
text/plain
date
Tue, 06 Dec 2022 20:17:45 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
rum
cloudflareinsights.com/cdn-cgi/
0
37 B
XHR
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
content-type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:45 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7757b4f1be0e2275-MIA
rum
cloudflareinsights.com/cdn-cgi/
0
37 B
XHR
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
content-type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:45 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7757b4f1be132275-MIA
rum
cloudflareinsights.com/cdn-cgi/
0
37 B
XHR
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
content-type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:45 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7757b4f1be112275-MIA
rum
cloudflareinsights.com/cdn-cgi/ Frame
0
0
Preflight
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
86400
cf-ray
7757b4f0ac002275-MIA
content-encoding
gzip
content-type
text/plain
date
Tue, 06 Dec 2022 20:17:45 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
setuid
ib.adnxs.com/prebid/ Frame 5945
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=3483547462859989278829
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:45 GMT
AN-X-Request-Uuid
ffdbdaf2-cc62-4bcf-9049-ee898145f446
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 5945
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3483547462859989278829
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:45 GMT
AN-X-Request-Uuid
77e76fb3-43c1-4295-b265-a801a72e5966
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 5945
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=MHbgFxllIZAxE2VBBjzy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JVEGEZ2GPBWGY...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=MHbgFxllIZAxE2VBBjzy
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=MHbgFxllIZAxE2VBBjzy
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:46 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=MHbgFxllIZAxE2VBBjzy
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 5945
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-824a6a55-1bc0-46ba-7fd6-a2b1740cbd21$ip$38.132.118.73&dongle=4430
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-824a6a55-1bc0-46ba-7fd6-a2b1740cbd21$ip$38.132.118.73&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-824a6a55-1bc0-46ba-7fd6-a2b1740cbd21$ip$38.132.118.73&dongle=4430
Date
Tue, 06 Dec 2022 20:17:45 GMT
Connection
keep-alive
Content-Length
139
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 5945
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=d460638f-a35f-4400-9851-98d66543df75&dongle=3995&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=d460638f-a35f-4400-9851-98d66543df75&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Tue, 06 Dec 2022 20:17:45 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x11 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eb2.3lift.com/xuid?mid=3690&xuid=d460638f-a35f-4400-9851-98d66543df75&dongle=3995&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 06 Dec 2022 20:17:44 GMT
xuid
eb2.3lift.com/ Frame 5945
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl
  • https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAFOTE7HH0cAAB-TUbb8zw&dongle=bzwx
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAFOTE7HH0cAAB-TUbb8zw&dongle=bzwx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAFOTE7HH0cAAB-TUbb8zw&dongle=bzwx
Date
Tue, 06 Dec 2022 20:17:45 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 5945
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=83&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:45 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&dongle=1fa5&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
xuid
eb2.3lift.com/ Frame 5945
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=b3e62e8c-aadf-47bc-b1b5-84d2640b9384&dongle=d54f&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=b3e62e8c-aadf-47bc-b1b5-84d2640b9384&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=b3e62e8c-aadf-47bc-b1b5-84d2640b9384&dongle=d54f&gdpr=0&gdpr_consent=
Date
Tue, 06 Dec 2022 20:17:45 GMT
Connection
keep-alive
X-CI-RTID
f5b7fb28-5678-4423-a438-4f2babb385c3
Content-Length
149
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 5945
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6019&xuid=GolBg5zi1P2EnT5&dongle=465e&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=6019&xuid=GolBg5zi1P2EnT5&dongle=465e&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:45 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-08d378e5934974e48@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://eb2.3lift.com/xuid?mid=6019&xuid=GolBg5zi1P2EnT5&dongle=465e&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5945
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=Y4_jXQAB-6N2IwAo&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=Y4_jXQAB-6N2IwAo&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

x-served-by
cache-mia11360-MIA
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1670357865.258274,VS0,VE0
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=Y4_jXQAB-6N2IwAo&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1721253892&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmail.notateslaapp.com%2F&ul=en-us&de=UTF-8&dt=Tesla%20News%2C%20Latest%20Software%20Updates%2C%20Tesla%20Rumors%20and%20Tips&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=10%25%20Scroll&_u=aDDAAUABAAAAACAAI~&jid=527160436&gjid=202391764&cid=355545597.1670357848&tid=UA-145811549-1&_gid=1002999196.1670357848&_r=1&gtm=2wgbu0N44BWRL&z=1629793780
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44BWRL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Dec 2022 19:46:25 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1880
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 06 Dec 2022 21:46:25 GMT
usync.js
eus.rubiconproject.com/ Frame 3507
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
646602d51b516d8e5462483f63a38e99d9960d569f04e1b67ed84a0cb748188a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 20:17:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Dec 2022 04:10:43 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28398
Connection
keep-alive
Content-Length
10066
Expires
Wed, 07 Dec 2022 04:11:03 GMT
setuid
ib.adnxs.com/prebid/ Frame E6A1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=3483547462859989278829
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:45 GMT
AN-X-Request-Uuid
ecea67ae-f129-43d5-a005-498403a2ff07
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame E6A1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3483547462859989278829
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:45 GMT
AN-X-Request-Uuid
75edf84f-9c50-499a-b123-48479f0b2197
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame E6A1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=MHbgFxllIZAxE2VBBjzy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JVEGEZ2GPBWGY...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=MHbgFxllIZAxE2VBBjzy
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=MHbgFxllIZAxE2VBBjzy
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:46 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=MHbgFxllIZAxE2VBBjzy
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame E6A1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-824a6a55-1bc0-46ba-7fd6-a2b1740cbd21$ip$38.132.118.73&dongle=4430
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-824a6a55-1bc0-46ba-7fd6-a2b1740cbd21$ip$38.132.118.73&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-824a6a55-1bc0-46ba-7fd6-a2b1740cbd21$ip$38.132.118.73&dongle=4430
Date
Tue, 06 Dec 2022 20:17:45 GMT
Connection
keep-alive
Content-Length
139
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame E6A1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=d460638f-a35f-4400-9851-98d66543df75&dongle=3995&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=d460638f-a35f-4400-9851-98d66543df75&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Tue, 06 Dec 2022 20:17:45 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x14 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eb2.3lift.com/xuid?mid=3690&xuid=d460638f-a35f-4400-9851-98d66543df75&dongle=3995&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 06 Dec 2022 20:17:44 GMT
xuid
eb2.3lift.com/ Frame E6A1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl
  • https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAA5dE7HH0cAAB-zaSXqQA&dongle=bzwx
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAA5dE7HH0cAAB-zaSXqQA&dongle=bzwx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAA5dE7HH0cAAB-zaSXqQA&dongle=bzwx
Date
Tue, 06 Dec 2022 20:17:45 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame E6A1
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&partner_url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3646%26xuid%3D5083...
  • https://eb2.3lift.com/xuid?mid=3646&xuid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 06 Dec 2022 20:17:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&dongle=1fa5&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xuid
eb2.3lift.com/ Frame E6A1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=b3e62e8c-aadf-47bc-b1b5-84d2640b9384&dongle=d54f&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=b3e62e8c-aadf-47bc-b1b5-84d2640b9384&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=b3e62e8c-aadf-47bc-b1b5-84d2640b9384&dongle=d54f&gdpr=0&gdpr_consent=
Date
Tue, 06 Dec 2022 20:17:45 GMT
Connection
keep-alive
X-CI-RTID
026840cf-95aa-45a5-a248-456ad651852c
Content-Length
149
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame E6A1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6019&xuid=GolBg5zi1P2EnT5&dongle=465e&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=6019&xuid=GolBg5zi1P2EnT5&dongle=465e&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:45 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0a7ec57519fac3ec7@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://eb2.3lift.com/xuid?mid=6019&xuid=GolBg5zi1P2EnT5&dongle=465e&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame E6A1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=Y4_jXQAB-6N2IwAo&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=Y4_jXQAB-6N2IwAo&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 06 Dec 2022 20:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

x-served-by
cache-mia11360-MIA
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1670357866.586163,VS0,VE0
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=Y4_jXQAB-6N2IwAo&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
receive
pixel.tapad.com/idsync/ex/ Frame 128C
95 B
122 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=4cb97341-3d42-4403-a5ca-a537c9b9ffe6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:45 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame 128C
0
322 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=64038334-be2f-43cd-bc0c-fceb6d96ca83
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
p.adsymptotic.com/d/px/ Frame 128C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=1f017fdb-ab02-4fe4-b052-bd12c3ae5f32
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokMWYwMTdmZGItYWIwMi00ZmU0LWIwNTItYmQxMmMzYWU1ZjMyEAAaDQjqxr6cBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=55634096390b79c6ca4da3339630deab606e0dd81ef1df54c4a573598917a0c1791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=55634096390b79c6ca4da3339630deab606e0dd81ef1df54c4a573598917a0c1791426b5417dce21&rand=04720388
  • https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=55634096390b79c6ca4da3339630deab606e0dd81ef1df54c4a573598917a0c1791426b5417dce21&_pu
43 B
96 B
Image
General
Full URL
https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=55634096390b79c6ca4da3339630deab606e0dd81ef1df54c4a573598917a0c1791426b5417dce21&_pu
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=0&us_privacy=1---
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Tue, 06 Dec 2022 20:17:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7757b4fdbf2967da-MIA
content-length
43
content-type
image/gif

Redirect headers

date
Tue, 06 Dec 2022 20:17:46 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: AC382B3C8A2245C3B4D0927EC46CE842 Ref B: MIAEDGE1419 Ref C: 2022-12-06T20:17:46Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=55634096390b79c6ca4da3339630deab606e0dd81ef1df54c4a573598917a0c1791426b5417dce21&_pu
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvLn9OsvyT0M6ZtQUBWw==
sd
us-u.openx.net/w/1.0/ Frame 128C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=630481314781216515
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=630481314781216515
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=0&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:45 GMT
AN-X-Request-Uuid
d73bcedb-ae26-45db-9f14-33ffe5e5fbd8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=630481314781216515
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 128C
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=12117cc0-7aef-c27e-2f25-bf769206f50a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H5MM55WP31RTNHWKCZ4P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 128C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8494657214754093260&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8494657214754093260&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=0&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8494657214754093260&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 06 Dec 2022 20:17:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 20:17:45 GMT
sid
mug.criteo.com/ Frame 1D52
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=criteoPrebidAdapter&domain=www.notateslaapp.com&sn=ChromeSyncframe&so=0&topUrl=www.notateslaapp.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=e-3iuXxLTUtlVUp4QnZGaXFTeklWQ1AzTElXam13MEN2WVNNdUdQVjdXTjN4eGtVdWJkYTRUZloybzJDYks0VXdrcXdNMTdKK2tJMFVydUpUbThhSWNOdGZqb2IxRzZ6ZUlUNWlkWTA1cGpxeTNtZmd3d2l6WElXZXE4ZW...
457 B
665 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=e-3iuXxLTUtlVUp4QnZGaXFTeklWQ1AzTElXam13MEN2WVNNdUdQVjdXTjN4eGtVdWJkYTRUZloybzJDYks0VXdrcXdNMTdKK2tJMFVydUpUbThhSWNOdGZqb2IxRzZ6ZUlUNWlkWTA1cGpxeTNtZmd3d2l6WElXZXE4ZW5lRlRmSGJKbXhLb01wblVHdEZvRDFQRkhhV1QwTy91YURURVJYR3B2U3FkSnlWYjMzM2tWYi90K2FydHpRM0NxY0VqWnM2cnpGa1YrNGhnVVlibzEzbVFWOXJTcFprTjJYeitITDhVczVWWk1KZUVJa1hEVVo0T3dPSHJVa2haRFJodzJaQnZySElGQWg1U1Zzd1lwTUlBSUNzSVkySVJtVGJPUE9CZ21aSWw0b1dmcHhUbz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
be5aeaceef0ff6cadd7bbd776cbadc5f308b40fbcf4d94539f75b9d7ffea7842
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2674978
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=e-3iuXxLTUtlVUp4QnZGaXFTeklWQ1AzTElXam13MEN2WVNNdUdQVjdXTjN4eGtVdWJkYTRUZloybzJDYks0VXdrcXdNMTdKK2tJMFVydUpUbThhSWNOdGZqb2IxRzZ6ZUlUNWlkWTA1cGpxeTNtZmd3d2l6WElXZXE4ZW5lRlRmSGJKbXhLb01wblVHdEZvRDFQRkhhV1QwTy91YURURVJYR3B2U3FkSnlWYjMzM2tWYi90K2FydHpRM0NxY0VqWnM2cnpGa1YrNGhnVVlibzEzbVFWOXJTcFprTjJYeitITDhVczVWWk1KZUVJa1hEVVo0T3dPSHJVa2haRFJodzJaQnZySElGQWg1U1Zzd1lwTUlBSUNzSVkySVJtVGJPUE9CZ21aSWw0b1dmcHhUbz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
301704
content-length
0
expires
0
usermatch
ssum-sec.casalemedia.com/ Frame B6CC
1 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aa16eac704fce3c8f9b201760894130868594faad7d789424685679335dced7

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7757b4f77cdc67c9-MIA
content-encoding
br
content-type
text/html
date
Tue, 06 Dec 2022 20:17:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtPVOpEo3SUhVaAss1f6saRMGAhlBfk9Oikwbdwu7F5ZaXsADDg%2BUDu4QUCeVYEt3OTE%2F3k3klAvLrtIoY%2Byx11IYmjgu1RPqoXaujqZTwrVPX7vf2omqPkG3%2BJRTqS9a%2FQ5r5csxBGHSA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CE0B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Dec 2022 20:17:46 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 06 Dec 2022 20:17:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame ADA7
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=630481314781216515
0
234 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=630481314781216515
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
13.32.151.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-6.iad66.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:45 GMT
via
1.1 d4c915561282ddbdd32f1872279fb546.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
IAD66-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
ZjeViLSvm98GHgQliC5xC285hBGFVVYmgnau2aO-zg85hgQQzKy7FQ==

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:45 GMT
AN-X-Request-Uuid
909a5edf-42d6-4890-99ab-098c86d145f0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=630481314781216515
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame ADA7
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=01aa679a-66ea-45e7-85ae-22260d991eb8
0
349 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=01aa679a-66ea-45e7-85ae-22260d991eb8
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
13.32.151.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-6.iad66.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:45 GMT
via
1.1 d4c915561282ddbdd32f1872279fb546.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
IAD66-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
bsyfcEBD1_FdPv0-XM1f4900uVBYcg1euKmDv3rbkASQlLjGXw6X6g==

Redirect headers

date
Tue, 06 Dec 2022 20:17:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=01aa679a-66ea-45e7-85ae-22260d991eb8
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame ADA7
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-s7lcvRxE2uEGCUAGobSfwSAhiSEPBZ23~A
0
234 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-s7lcvRxE2uEGCUAGobSfwSAhiSEPBZ23~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
13.32.151.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-6.iad66.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:45 GMT
via
1.1 d4c915561282ddbdd32f1872279fb546.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
IAD66-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
zAY5pwtjZNTsK0WOVies-3lP_XYXFam-0KJKzVHd5TcNrbAt8oMu9w==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-s7lcvRxE2uEGCUAGobSfwSAhiSEPBZ23~A
date
Tue, 06 Dec 2022 20:17:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame ADA7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=20b9b72d-4be5-428b-b562-110fee7c8206&ttl=1672949865
0
350 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=20b9b72d-4be5-428b-b562-110fee7c8206&ttl=1672949865
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
13.32.151.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-6.iad66.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:45 GMT
via
1.1 d4c915561282ddbdd32f1872279fb546.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
IAD66-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
LYxkLGjqfy68S0rl9zkyGMnHk5ThDMgN2ZiVJXlLRqZ04Bx4SQg3xQ==

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=20b9b72d-4be5-428b-b562-110fee7c8206&ttl=1672949865
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
249
sync
usr.undertone.com/userPixel/ Frame ADA7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LBCNXQNN-11-M5LE
0
336 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LBCNXQNN-11-M5LE
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
13.32.151.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-6.iad66.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:46 GMT
via
1.1 d4c915561282ddbdd32f1872279fb546.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
IAD66-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
2PYQx2B-mCVdrT4AI5y66gVzoiW2l9uzxIBAXqhXTRt4e4C-YdeHuw==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LBCNXQNN-11-M5LE
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
sync
usr.undertone.com/userPixel/ Frame ADA7
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBE48uPn9gdwyEyL-cd3UEE&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:AEE418221A054D9EAD31DEEC64DB2D92
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D85DC2051-57CB-4AF5-8B38-9847A0099E99
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=85DC2051-57CB-4AF5-8B38-9847A0099E99
0
350 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=85DC2051-57CB-4AF5-8B38-9847A0099E99
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
13.32.151.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-6.iad66.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:46 GMT
via
1.1 d4c915561282ddbdd32f1872279fb546.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
IAD66-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
mbLvMugM7MGvi_GQWkRh0LrwNj2_AC7mjyPD2zwI-AKs5gHwpa39Uw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=85DC2051-57CB-4AF5-8B38-9847A0099E99
date
Tue, 06 Dec 2022 20:17:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame ADA7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553
0
359 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
13.32.151.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-6.iad66.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:46 GMT
via
1.1 d4c915561282ddbdd32f1872279fb546.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
IAD66-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
BxkbwlOadbLz3ofFkzBzEWMb90t8k5xEciLZAbrUy7GnRMtZ0cBGKw==

Redirect headers

date
Tue, 06 Dec 2022 20:17:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame ADA7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-YnyEjuRE2uGNVr39QPMXwoHzPuk7JIvFaiKrHO4-~A
0
360 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-YnyEjuRE2uGNVr39QPMXwoHzPuk7JIvFaiKrHO4-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
13.32.151.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-6.iad66.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:46 GMT
via
1.1 d4c915561282ddbdd32f1872279fb546.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
IAD66-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
4RCtn_tMTEyMR0ZWPLgHBurP2eEbrg-IETPu4JNg4VeLHdOEWn50ug==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-YnyEjuRE2uGNVr39QPMXwoHzPuk7JIvFaiKrHO4-~A
date
Tue, 06 Dec 2022 20:17:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t.gif
cw.addthis.com/ Frame ADA7
0
427 B
Image
General
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=117bc498e1524209a47a03c49fc8ab99
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.28.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-28-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:46 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 06 Dec 2022 20:17:46 GMT
demconf.jpg
dpm.demdex.net/ Frame ADA7
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=119fxh304rxmr016n27iw03vd
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=119fxh304rxmr016n27iw03vd
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=119fxh304rxmr016n27iw03vd
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Server
54.149.113.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-113-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0fa5da88e.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
se+MgPTbS8g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v041-0196d0924.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
gcDfAnvhQZQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=119fxh304rxmr016n27iw03vd
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame ADA7
62 B
368 B
Image
General
Full URL
https://tags.bluekai.com/site/15597?id=119fxh304rxmr016n27iw03vd
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.183 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 06 Dec 2022 20:17:46 GMT
content-length
62
content-type
image/gif
/
p.adsymptotic.com/d/px/ Frame ADA7
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=119fxh304rxmr016n27iw03vd
  • https://idsync.rlcdn.com/1000.gif?memo=CITSGBIlCiEIARCakQEaGTExOWZ4aDMwNHJ4bXIwMTZuMjdpdzAzdmQQABoNCOrGvpwGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=22f29cf82c915c5ead1de3c009e71360b38d3be556355942a865de8342480748791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=22f29cf82c915c5ead1de3c009e71360b38d3be556355942a865de8342480748791426b5417dce21&rand=09535354
  • https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=22f29cf82c915c5ead1de3c009e71360b38d3be556355942a865de8342480748791426b5417dce21&_pu
43 B
119 B
Image
General
Full URL
https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=22f29cf82c915c5ead1de3c009e71360b38d3be556355942a865de8342480748791426b5417dce21&_pu
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Tue, 06 Dec 2022 20:17:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7757b4fcfdab67da-MIA
content-length
43
content-type
image/gif

Redirect headers

date
Tue, 06 Dec 2022 20:17:46 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: EBD51892568A49418AE5B93CEDDDC578 Ref B: MIAEDGE1419 Ref C: 2022-12-06T20:17:46Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=22f29cf82c915c5ead1de3c009e71360b38d3be556355942a865de8342480748791426b5417dce21&_pu
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvLn9OsWuaXJ5NfKlUmA==
usermatch.gif
beacon.krxd.net/ Frame ADA7
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=119fxh304rxmr016n27iw03vd
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.45.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-45-40.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-served-by
beacon-n008-ash-prod.krxd.net
date
Tue, 06 Dec 2022 20:17:46 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1670357866
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
loadm.exelator.com/load/ Frame ADA7
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=1145&j=0&utid=119fxh304rxmr016n27iw03vd
  • https://loadm.exelator.com/load/?p=204&g=1145&j=0&utid=119fxh304rxmr016n27iw03vd&xl8blockcheck=1
0
767 B
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=1145&j=0&utid=119fxh304rxmr016n27iw03vd&xl8blockcheck=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Tue, 06 Dec 2022 20:17:46 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=1145&j=0&utid=119fxh304rxmr016n27iw03vd&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
async_usersync
ib.adnxs.com/ Frame 4CDE
0
742 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:45 GMT
AN-X-Request-Uuid
6e49eb64-a5d9-42b2-b231-846b5667f2a8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 27DF
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
12053
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 16:56:53 GMT
expires
Wed, 06 Dec 2023 16:56:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C2C6
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8cc7d1207cd33d644f43a10d993bbb70dfc285314dc39680ca0fed652abf5630
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QVzujktWP2JIT27t1lEf3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mail.notateslaapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-QVzujktWP2JIT27t1lEf3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 20:17:46 GMT
expires
Tue, 06 Dec 2022 20:17:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
crum
dsum-sec.casalemedia.com/ Frame B6CC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=630481314781216515
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=630481314781216515
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:46 GMT
AN-X-Request-Uuid
b7ef685b-f4ea-41fd-8cd3-83c5481513b5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=630481314781216515
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y4-jW4WwZUQrKydWgaf8DQAAAZUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B6CC
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y4-jW4WwZUQrKydWgaf8DQAAAZUAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:b0ca:7df6:43a8:f557 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame B6CC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d460638f-a35f-4400-9851-98d66543df75
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d460638f-a35f-4400-9851-98d66543df75
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 06 Dec 2022 20:17:46 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x54 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d460638f-a35f-4400-9851-98d66543df75
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 06 Dec 2022 20:17:45 GMT
crum
dsum-sec.casalemedia.com/ Frame B6CC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAA5dE7HH0cAAB-zaSXqQA&expiration=1671567466
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAA5dE7HH0cAAB-zaSXqQA&expiration=1671567466
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAA5dE7HH0cAAB-zaSXqQA&expiration=1671567466
Date
Tue, 06 Dec 2022 20:17:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ibs:dpid=23728&dpuuid=Y4.jW4WwZUQrKydWgaf8DQAA%26405
dpm.demdex.net/ Frame B6CC
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y4.jW4WwZUQrKydWgaf8DQAA%26405?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.113.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-113-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0f8c8c501.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
WXHpk/s6SGQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame B6CC
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9df05b52-8cb7-4736-91f1-9ff8b580fb5c&expiration=1701893866
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9df05b52-8cb7-4736-91f1-9ff8b580fb5c&expiration=1701893866
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9df05b52-8cb7-4736-91f1-9ff8b580fb5c&expiration=1701893866
Date
Tue, 06 Dec 2022 20:17:46 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
rum
dsum.casalemedia.com/ Frame B6CC
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=4ebf40cec42815d8&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHwrOir2IMyAMOiKFbAAAAAAA&expiration=1670444266&is_secure=true
43 B
873 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHwrOir2IMyAMOiKFbAAAAAAA&expiration=1670444266&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnJ8iwzFXE6czKjXDys%2BbltNI84QtfRDljTWMnMKEeYhvC3A6LlaiTrqFbIGO6%2FFQNIyG3V2L3Jl5asl%2BGF2o07lNrSFm%2BVD7VOXPlbhyxHcPJDDwcay2s8Jk7DlQBgd4GeHclsq"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7757b4fcbca821cd-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:46 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHwrOir2IMyAMOiKFbAAAAAAA&expiration=1670444266&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame B6CC
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=ayIzNTwiPTJwcm9hbCEmZmx1PWtwdDxqP3STfgaT
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=ayIzNTwiPTJwcm9hbCEmZmx1PWtwdDxqP3STfgaT
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=ayIzNTwiPTJwcm9hbCEmZmx1PWtwdDxqP3STfgaT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame B6CC
0
349 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Y4-jW4WwZUQrKydWgaf8DQAAAZUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-6.iad66.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:46 GMT
via
1.1 d4c915561282ddbdd32f1872279fb546.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
IAD66-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
410
content-length
0
x-amz-cf-id
PTfHVonueao79cim4Ha3sCijelX5K9R00mcKcsv2XzFYv4REAOzkCw==
usync.js
eus.rubiconproject.com/ Frame CE0B
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
646602d51b516d8e5462483f63a38e99d9960d569f04e1b67ed84a0cb748188a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 20:17:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Dec 2022 04:10:43 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28397
Connection
keep-alive
Content-Length
10066
Expires
Wed, 07 Dec 2022 04:11:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C2C6
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120101&jk=1113482156589776&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js
pagead2.googlesyndication.com/bg/ Frame 27DF
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/o1Uwx-LeZy1xXNnqv4YwBo-O3KbbR1TU6AaZC5EN1kw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a35530c7e2de672d715cd9eabf8630068f8edca6db4754d4e806990b910dd64c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 03:34:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16040
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Dec 2023 03:34:12 GMT
async_usersync
ib.adnxs.com/ Frame 4CDE
0
742 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:46 GMT
AN-X-Request-Uuid
5412d071-c193-4efa-8bff-4edb894999cd
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame CE0B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LBCNXQNN-11-M5LE
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LBCNXQNN-11-M5LE
0
338 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LBCNXQNN-11-M5LE
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
13.32.151.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-6.iad66.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:46 GMT
via
1.1 d4c915561282ddbdd32f1872279fb546.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
IAD66-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
138
content-length
0
x-amz-cf-id
qzFyY-crqyyUewaVNTw7puJQJL58Kp6iR8ePkLE0sVwGowizgs0Wew==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LBCNXQNN-11-M5LE
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
generate_204
tpc.googlesyndication.com/ Frame 27DF
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?uE8E8w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120101&jk=1113482156589776&bg=!8POl87fNAAa7eOFIm3g7ACkAdvg8Wv2b7UF7P8cMtWzvizDQjHCWJfCIm39S383na5xm_mnALjIU5AIAAAFSUgAAAARoAQeZAqBEnVAjKmOkrn2UJCQI2KyFRvWan4_48XDppDdcmGUyds_YO-Yw6tkcfXlo1v7upQRMK8jfta6HuzLGZudlEEO1GLRNBQ_h6tt0PqUeRrbkIEAn-O9SCMizY9fFXoIXd4CyXHvuf_hXFKmvsfUk6VWOEafX8g_dX8gUCdgRNmECC7Za-c46xMfGbajoeoGeM6tbzK_9SZHu_o_0AMn7mP2DneBd0ZBJ8wZg_3O-o-lqxaW4YL4JqbrWLAKoK2BI04IbmM7rKiuuLNXxAC92xQHt1-xSaTNJ8zHtX32ecONmgYQLOGhUmNiSp3DNpVwiv2ciHuJ2vB2_gwUg4poKIvsm16u6-vZXlCWhZWRf8Evk7efv9HuoyyVrAq8YuUSWU7Ke_Mrn7ASWEqt8XDy2I0O6L5LfQw4dOdP2qCVx9bIbcdkNg8vJoPUDCSn2QK4CKohQMbQyFD8bt43mXNjsCCnzNhQmpsBXLKcOfiXI9ubA70gmSJzZUunFYm-kuUu7mon4zPPQeGjgVLWUfOss6iq13e4YhvHXMBhppPo7x1e8eBGqPpxVpoj8uq1wi9SWZ7SdQ52P-Pn6rRHZZX7o0wcKP4JrQ4r4VhqctJEbyEPdIcD8wneC2DoPupvsi4mOT62AV47HNnLsNkl_rCdAfHdybSfqijZx_qu16tEWVAgjD7ffAf3PjY8GztjMmoeKzyXJw8rkN-UAP4vM7ERuJpS-2PbV6J6HQOPZCzjym1VU4esLw5VfxZAlp7ly2rljn9Hll0m9t7p5exivjhq6ZQzWv6RJ2G0OFTZvL_FLGbAkljCmWup58VX_xGu2DUHbOaDHQ9TNzt8eRjkY-0ay5IHis28W3fPrTnGO0abhohQhZRaxKKt_FjuBe-F2vciWKyk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-TK8ZNSHLTK&gtm=2oebu0&_p=1721253892&cid=355545597.1670357848&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1670357848&sct=1&seg=1&dl=https%3A%2F%2Fmail.notateslaapp.com%2F&dt=Tesla%20News%2C%20Latest%20Software%20Updates%2C%20Tesla%20Rumors%20and%20Tips&en=10%25%20Scroll&_et=16813
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TK8ZNSHLTK&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:57 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:57 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:57 GMT
server
ATS/9.1.10.25
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
105 B
547 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmail.notateslaapp.com%2F&pid=8eQOH0t77KuTn&cb=10&ws=1600x1200&v=22.1107.1609&t=4800&slots=%5B%7B%22sd%22%3A%22AdThrive_Footer_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14%22%7D%5D&pj=%7B%22adRefresh%22%3A%221%22%7D&cfgv=1&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*z-AddlwBkUCPzcOOsW-Z-b7w5Q3KqUASAY1jymCPFowunlHCfIZ8YIZ-4OkqlfnM%22%2C%22pubcommon%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.184.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-184-78.iad89.r.cloudfront.net
Software
Server /
Resource Hash
583e6c2c6f4cd67501a50f0a12c50a90d868fd44ec5bed94c7ef6d99fd0d3cde
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:57 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca8d1424de70ce439236d37048e65f54.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C2
x-amz-rid
K79RXY2MCWQQJAJM442D
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
105
x-amz-cf-id
FacoFgPu1l9ORSp-B8FF2xrGwhZFXAzms-272NPkrVz3bJkspLigug==
auction
prebid-server.rubiconproject.com/openrtb2/
0
0

bid-request
a.teads.tv/hb/
414 B
655 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9aa765089a12e213fc757d0bb21f3f20ff0541db6900aa7f585a9e5442a7c381

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
303
expires
Tue, 06 Dec 2022 20:17:58 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
511 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185770&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225452b7eeeda6493f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%3F%23Refresh%3ATrue%23PD%3Adesktop%23HVP%3A80%23Source%3Adirect%23Browser%3AChrome%23Topic%3AAuto%23Topic%3ATech%23MCMP%3Aiabc_1%23Sens%3Aalc%23Sens%3Aast%23Sens%3Acbd%23Sens%3Aconl%23Sens%3Acosm%23Sens%3Adat%23Sens%3Adlu%23Sens%3Adrg%23Sens%3Agamc%23Sens%3Agamv%23Sens%3Agrq%23Sens%3Apol%23Sens%3Arel%23Sens%3Asst%23Sens%3Assr%23Sens%3Asrh%23Sens%3Aske%23Sens%3Atob%23Sens%3Awtl%23vp%3A0%23AFOI_2020%3ATrue%23CNST_2021%3ATrue%23DDIG_21%3ATrue%23DEOI_2021%3ATrue%23DSVR_2021%3ATrue%23EXHFCE_2021%3ATrue%23FBSL_2022%3ATrue%23GCREF%3ATrue%23GLDM_2021%3ATrue%23HRSHW_2022%3ATrue%23MSFTA_2022%3ATrue%23NSTLE_22%3ATrue%23SF_RN_122019%3ATrue%23TGNAF_21%3ATrue%23TRGT_022020%3ATrue%23TYTA_22%3ATrue%23VITFM_21%3ATrue%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%22criteoId%22%5D%2C%22url%22%3A%22https%3A%2F%2Fmail.notateslaapp.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A1%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14%22%2C%22adunitcode%22%3A%22AdThrive_Footer_1_desktop%22%2C%22divId%22%3A%22AdThrive_Footer_1_desktop%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225461de41ada5a53e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14%22%2C%22tid%22%3A%22849258b9-be81-4ada-85ec-020ab192444b%22%2C%22sid%22%3A%2212_5%22%7D%2C%22bidfloor%22%3A0.3847%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%22f8ac33f9-162a-4aa6-85cf-fe6c1befb563%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM%22%2C%22ext%22%3A%7B%22linkType%22%3A2%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b9b72d-4be5-428b-b562-110fee7c8206%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22fabrickId%22%7D%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
099cfbb5c88c3d6d619a522cf8163fff1f927b1e610c7cbcccf7a1a3adba1905

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7LnzsAqqXF%2B9RCFz4BCSzlVUAWsVwKxNtsRV%2FmCnKlKAvogEShj3F9V6rVFYRxnDVMQftqRkawb3zl%2FluP27XwtVme%2BQcSmwhWkEwGO%2B170HRyaKDrSWVnTa6GTXVNJGoz1aw0O"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7757b540cb34b3bf-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
bid
krk.kargo.com/api/v2/
2 B
656 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2264aa31a5-eca6-4058-bd8c-7b39543aa4ad%22%2C%22requestCount%22%3A9%2C%22timeout%22%3A5000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1670357877871%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%225526606365c2697c%22%3A%22_lP4vuVhICu%22%7D%2C%22bidSizes%22%3A%7B%225526606365c2697c%22%3A%5B%5B728%2C90%5D%2C%5B320%2C50%5D%2C%5B970%2C90%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lP4vuVhICu%22%7D%2C%22auctionId%22%3A%2248b18738-9450-4cd1-a957-102a8c827c36%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A10%2C%22modelVersion%22%3A%22cw-cafemedia%402022-12-05-20%22%2C%22modelWeight%22%3A70%2C%22modelTimestamp%22%3A1670270400%2C%22location%22%3A%22setConfig%22%2C%22floorProvider%22%3A%22rubicon%22%7D%2C%22userId%22%3A%7B%22criteoId%22%3A%22HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE%22%2C%22id5id%22%3A%7B%22uid%22%3A%22ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM%22%2C%22ext%22%3A%7B%22linkType%22%3A2%7D%7D%2C%22pubcid%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22tdid%22%3A%2220b9b72d-4be5-428b-b562-110fee7c8206%22%2C%22fabrickId%22%3A%22E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22criteo.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A2%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b9b72d-4be5-428b-b562-110fee7c8206%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22pos%22%3A%22atf%22%2C%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22tid%22%3A%22849258b9-be81-4ada-85ec-020ab192444b%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B320%2C50%5D%2C%5B970%2C90%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%5D%2C%22pos%22%3A1%7D%7D%2C%22adUnitCode%22%3A%22AdThrive_Footer_1_desktop%22%2C%22transactionId%22%3A%22849258b9-be81-4ada-85ec-020ab192444b%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B320%2C50%5D%2C%5B970%2C90%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%5D%2C%22bidId%22%3A%225526606365c2697c%22%2C%22bidderRequestId%22%3A%22551fe2e192982abc%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.09999942779541016%5D%2C%22userId.mod.init%22%3A%5B0.6999998092651367%2C1.6000003814697266%2C0.20000076293945312%2C0%2C3.6999998092651367%2C0.09999942779541016%2C0.8000001907348633%5D%2C%22userId.mods.connectId.init%22%3A%5B0.6999998092651367%5D%2C%22userId.mods.criteo.init%22%3A%5B1.6000003814697266%5D%2C%22userId.mods.id5Id.init%22%3A%5B0.20000076293945312%5D%2C%22userId.mods.identityLink.init%22%3A%5B0%5D%2C%22userId.mods.sharedId.init%22%3A%5B3.6999998092651367%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999942779541016%5D%2C%22userId.mods.fabrickId.init%22%3A%5B0.8000001907348633%5D%2C%22userId.init.modules%22%3A%5B9.5%5D%2C%22userId.callbacks.pending%22%3A%5B6269.800000190735%5D%2C%22userId.mod.callback%22%3A%5B86.89999961853027%2C971.8999996185303%2C877.6999998092651%2C1052.6999998092651%2C2539.2999992370605%2C2540.800000190735%5D%2C%22userId.mods.sharedId.callback%22%3A%5B86.89999961853027%5D%2C%22userId.mods.identityLink.callback%22%3A%5B971.8999996185303%5D%2C%22userId.mods.fabrickId.callback%22%3A%5B877.6999998092651%5D%2C%22userId.mods.unifiedId.callback%22%3A%5B1052.6999998092651%5D%2C%22userId.mods.criteo.callback%22%3A%5B2539.2999992370605%5D%2C%22userId.mods.id5Id.callback%22%3A%5B2540.800000190735%5D%2C%22userId.callbacks.total%22%3A%5B2551.199999809265%5D%2C%22userId.total%22%3A%5B9328.400000572205%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.priceFloors%22%3A1.0999994277954102%2C%22requestBids.userId%22%3A6%2C%22requestBids.validate%22%3A11.09999942779541%2C%22requestBids.makeRequests%22%3A17.5%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A2%2C%22bidderRequestsCount%22%3A2%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%22f8ac33f9-162a-4aa6-85cf-fe6c1befb563%22%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%2C%22tdID%22%3A%2220b9b72d-4be5-428b-b562-110fee7c8206%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-108-184.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:57 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
2 KB
2 KB
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.18.0&cb=89099949646&lsavail=1&bundle=beWxSV9wMmJDTnFPb2ElMkZ1TnNTcGhpejhkOGdNU1h1UzBpTUhGekhQUERZVG1uZEhvVW1QeUw2bmZwbWc4TjIlMkZkMWNweVA3cCUyQlNyTFNZRDFkQ1NWenZHanZYZlZnUSUyQkhFQVhzMzNNWE1FbjVLVDdzUWNuaVRKTzJWMmJaeW5KNkhVVVVQ
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1782
auction
tlx.3lift.com/header/
19 B
741 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.notateslaapp.com%2F&tmax=5000&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.146.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-146-96.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:57 GMT
accept-ch
sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
cafemedia-d.openx.net/w/1.0/
190 B
200 B
XHR
General
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.notateslaapp.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=849258b9-be81-4ada-85ec-020ab192444b&nocache=1670357877907&scsm=cafemedia.com%2F6%3A1&us_privacy=1---&criteoid=HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE&id5id=ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&ttduuid=20b9b72d-4be5-428b-b562-110fee7c8206&nuestarid=E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2Cf8ac33f9-162a-4aa6-85cf-fe6c1befb563%2C%2C&aus=728x90%2C320x50%2C970x90%2C300x50%2C320x100%2C468x60%2C1x1&divids=AdThrive_Footer_1_desktop&aucs=%252F18190176%252FAdThrive_Footer_1%252F6086f736fa0c1f0c8270ab14&auid=538699840&tps=c2Vucz1hbGMsYXN0LGNiZCxjb25sLGNvc20sZGF0LGRsdSxkcmcsZ2FtYyxnYW12LGdycSxwb2wscmVsLHNzdCxzc3Isc3JoLHNrZSx0b2Isd3RsJmJ1Y2tldD1iZXRhMTpvdnJkJmhpX2F1PQ%3D%3D&aumfs=370
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
93 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a9694d00177771bcae21c6a7d880025&cmd=bid&sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&eidcriteo.com=HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE&eidid5-sync.com=ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM&eidadserver.org=20b9b72d-4be5-428b-b562-110fee7c8206&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:58 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
93 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a969d580177771bc13c2046cd280081&cmd=bid&sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&eidcriteo.com=HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE&eidid5-sync.com=ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM&eidadserver.org=20b9b72d-4be5-428b-b562-110fee7c8206&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
94a369f9f46bd3be9bf56a4f1a983221c24e3e782167fe064c70fe8d87a030b3

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:58 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
285 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a9694d00177771bcae2204408520056&cmd=bid&sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&eidcriteo.com=HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE&eidid5-sync.com=ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM&eidadserver.org=20b9b72d-4be5-428b-b562-110fee7c8206&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3f90957b0f1469fdcbc1d1f1233abfd7923b2779a0ccf018d1c9e5d0d24e2c1

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:58 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/
0
63 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
23 KB
10 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881416&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117%2C221&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!cafemedia.com,6086f736fa0c1f0c8270ab14,1,f8ac33f9-162a-4aa6-85cf-fe6c1befb563,,&eid_criteo.com=HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE%5E1&eid_id5-sync.com=ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM%5E1%5E2&eid_pubcid.org=996b3fe4-cfc2-4673-b5fd-f5099e120d17%5E1&tpid_tdid=20b9b72d-4be5-428b-b562-110fee7c8206&eid_adserver.org=20b9b72d-4be5-428b-b562-110fee7c8206&eid_neustar.biz=E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc%5E1&rf=https%3A%2F%2Fwww.notateslaapp.com%2F&tg_i.iab=1&tg_i.site_code=AFOI_2020%2CCNST_2021%2CDDIG_21%2CDEOI_2021%2CDSVR_2021%2CEXHFCE_2021%2CFBSL_2022%2CGCREF%2CGLDM_2021%2CHRSHW_2022%2CMSFTA_2022%2CNSTLE_22%2CSF_RN_122019%2CTGNAF_21%2CTRGT_022020%2CTYTA_22%2CVITFM_21&tg_i.site_id=6086f736fa0c1f0c8270ab14&tg_i.sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&tg_i.verticals=Auto%2CTech&tg_i.pmp_elig=true&tg_i.mcmp=iabc_1&tg_i.refresh=true&tg_i.vp=0&tg_i.pos=atf&tg_i.pbadslot=%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14&tk_flint=pbjs_lite_v7.18.0&x_source.tid=849258b9-be81-4ada-85ec-020ab192444b&l_pb_bid_id=5665e93ff8303c29&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.37&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14&slots=1&rand=0.19804219507395127
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
97 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:58 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
97 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:58 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
97 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:58 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/
19 B
869 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:57 GMT
AN-X-Request-Uuid
ea4f7653-5adc-4b0e-9c2f-e1e5b70b359c
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:58 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:58 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:58 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:58 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:58 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
cafemedia
direct.adsrvr.org/bid/bidder/
0
405 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:57 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/
2 B
248 B
XHR
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.123 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:58 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
imp
g2.gumgum.com/hbid/
4 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1670357877931&to=0&aun=AdThrive_Footer_1_desktop&criteoId=HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE&id5id=ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&tdid=20b9b72d-4be5-428b-b562-110fee7c8206&fabrickId=E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc&gpid=%2F18190176%2FAdThrive_Footer_1%2F6086f736fa0c1f0c8270ab14&pv=4bee9c7f-2056-48dc-8574-4e34b82123ab&fp=0.3819&fpc=USD&t=g95nznmj&pi=2&uspConsent=1---&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C93eb1196-8fc3-4cce-84b4-4be428e6f327%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.notateslaapp.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.18.0%22%7D&ogu=null&ns=10138
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.190.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-190-210.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
603 B
1 KB
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmail.notateslaapp.com%2F&pid=8eQOH0t77KuTn&cb=11&ws=1600x1200&v=22.1107.1609&t=4800&slots=%5B%7B%22sd%22%3A%22AdThrive_Header_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x250%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%221x1%22%2C%22728x250%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14%22%7D%5D&pj=%7B%22adRefresh%22%3A%221%22%7D&cfgv=1&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*z-AddlwBkUCPzcOOsW-Z-b7w5Q3KqUASAY1jymCPFowunlHCfIZ8YIZ-4OkqlfnM%22%2C%22pubcommon%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.184.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-184-78.iad89.r.cloudfront.net
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:58 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca8d1424de70ce439236d37048e65f54.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C2
x-amz-rid
X7ABBHCBRZEMF5Y5M5C2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
603
x-amz-cf-id
NunDLHMw14PYEl91X-pbpLhzcvOAur6BKmNJM8viIjrOxvyk0hWLGA==
auction
prebid-server.rubiconproject.com/openrtb2/
280 B
472 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
234
expires
0
bid-request
a.teads.tv/hb/
16 B
393 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 06 Dec 2022 20:17:58 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
508 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=404607&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22609781e69019d44f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%3F%23Refresh%3ATrue%23PD%3Adesktop%23HVP%3A80%23Source%3Adirect%23Browser%3AChrome%23Topic%3AAuto%23Topic%3ATech%23MCMP%3Aiabc_1%23Sens%3Aalc%23Sens%3Aast%23Sens%3Acbd%23Sens%3Aconl%23Sens%3Acosm%23Sens%3Adat%23Sens%3Adlu%23Sens%3Adrg%23Sens%3Agamc%23Sens%3Agamv%23Sens%3Agrq%23Sens%3Apol%23Sens%3Arel%23Sens%3Asst%23Sens%3Assr%23Sens%3Asrh%23Sens%3Aske%23Sens%3Atob%23Sens%3Awtl%23vp%3A0%23AFOI_2020%3ATrue%23CNST_2021%3ATrue%23DDIG_21%3ATrue%23DEOI_2021%3ATrue%23DSVR_2021%3ATrue%23EXHFCE_2021%3ATrue%23FBSL_2022%3ATrue%23GCREF%3ATrue%23GLDM_2021%3ATrue%23HRSHW_2022%3ATrue%23MSFTA_2022%3ATrue%23NSTLE_22%3ATrue%23SF_RN_122019%3ATrue%23TGNAF_21%3ATrue%23TRGT_022020%3ATrue%23TYTA_22%3ATrue%23VITFM_21%3ATrue%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%22criteoId%22%5D%2C%22url%22%3A%22https%3A%2F%2Fmail.notateslaapp.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A1%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14%22%2C%22adunitcode%22%3A%22AdThrive_Header_1_desktop%22%2C%22divId%22%3A%22AdThrive_Header_1_desktop%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226103af8b2f3c5ea8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22404607%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22404607%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22404607%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22404607%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22404607%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22404607%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22404607%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22404607%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22404607%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14%22%2C%22tid%22%3A%222890104d-2a25-40dc-bf71-1edec5323669%22%2C%22sid%22%3A%2215_6%22%7D%2C%22bidfloor%22%3A0.4782%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%2293eb1196-8fc3-4cce-84b4-4be428e6f327%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM%22%2C%22ext%22%3A%7B%22linkType%22%3A2%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b9b72d-4be5-428b-b562-110fee7c8206%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22fabrickId%22%7D%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCmdOhBEAFSckhqWY71mpG%2FnMV4e7imGwt5g5DUKhoUw44Odug8PoG85Rd2NJVC6MIBMAugkR%2BvdPR4xqaS%2FlRwWBlXNo7TPhlqJ0%2FUI916QY5KAcIMzmYY5eVkMNts5WzW1tceO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7757b5428fa3b3bf-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
bid
krk.kargo.com/api/v2/
2 B
656 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2264aa31a5-eca6-4058-bd8c-7b39543aa4ad%22%2C%22requestCount%22%3A10%2C%22timeout%22%3A5000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1670357878131%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%226235d6f153a16d96%22%3A%22_vzS4k9rMKu%22%7D%2C%22bidSizes%22%3A%7B%226235d6f153a16d96%22%3A%5B%5B728%2C90%5D%2C%5B320%2C50%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%2C%5B728%2C250%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_vzS4k9rMKu%22%7D%2C%22auctionId%22%3A%22fd52d757-49a5-4704-ac23-16e15bfd9ae7%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A10%2C%22modelVersion%22%3A%22mlcp-2p0-cafemedia%402022-12-05-20%22%2C%22modelWeight%22%3A5%2C%22modelTimestamp%22%3A1670270400%2C%22location%22%3A%22setConfig%22%2C%22floorProvider%22%3A%22rubicon%22%7D%2C%22userId%22%3A%7B%22criteoId%22%3A%22HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE%22%2C%22id5id%22%3A%7B%22uid%22%3A%22ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM%22%2C%22ext%22%3A%7B%22linkType%22%3A2%7D%7D%2C%22pubcid%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22tdid%22%3A%2220b9b72d-4be5-428b-b562-110fee7c8206%22%2C%22fabrickId%22%3A%22E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22criteo.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A2%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b9b72d-4be5-428b-b562-110fee7c8206%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22pos%22%3A%22atf%22%2C%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22tid%22%3A%222890104d-2a25-40dc-bf71-1edec5323669%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B320%2C50%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%2C%5B728%2C250%5D%5D%2C%22pos%22%3A1%7D%7D%2C%22adUnitCode%22%3A%22AdThrive_Header_1_desktop%22%2C%22transactionId%22%3A%222890104d-2a25-40dc-bf71-1edec5323669%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B320%2C50%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%2C%5B728%2C250%5D%5D%2C%22bidId%22%3A%226235d6f153a16d96%22%2C%22bidderRequestId%22%3A%2262231bddd2958a0a%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.09999942779541016%5D%2C%22userId.mod.init%22%3A%5B0.6999998092651367%2C1.6000003814697266%2C0.20000076293945312%2C0%2C3.6999998092651367%2C0.09999942779541016%2C0.8000001907348633%5D%2C%22userId.mods.connectId.init%22%3A%5B0.6999998092651367%5D%2C%22userId.mods.criteo.init%22%3A%5B1.6000003814697266%5D%2C%22userId.mods.id5Id.init%22%3A%5B0.20000076293945312%5D%2C%22userId.mods.identityLink.init%22%3A%5B0%5D%2C%22userId.mods.sharedId.init%22%3A%5B3.6999998092651367%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999942779541016%5D%2C%22userId.mods.fabrickId.init%22%3A%5B0.8000001907348633%5D%2C%22userId.init.modules%22%3A%5B9.5%5D%2C%22userId.callbacks.pending%22%3A%5B6269.800000190735%5D%2C%22userId.mod.callback%22%3A%5B86.89999961853027%2C971.8999996185303%2C877.6999998092651%2C1052.6999998092651%2C2539.2999992370605%2C2540.800000190735%5D%2C%22userId.mods.sharedId.callback%22%3A%5B86.89999961853027%5D%2C%22userId.mods.identityLink.callback%22%3A%5B971.8999996185303%5D%2C%22userId.mods.fabrickId.callback%22%3A%5B877.6999998092651%5D%2C%22userId.mods.unifiedId.callback%22%3A%5B1052.6999998092651%5D%2C%22userId.mods.criteo.callback%22%3A%5B2539.2999992370605%5D%2C%22userId.mods.id5Id.callback%22%3A%5B2540.800000190735%5D%2C%22userId.callbacks.total%22%3A%5B2551.199999809265%5D%2C%22userId.total%22%3A%5B9328.400000572205%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.priceFloors%22%3A2.6999998092651367%2C%22requestBids.userId%22%3A3.1999998092651367%2C%22requestBids.validate%22%3A7%2C%22requestBids.makeRequests%22%3A28.300000190734863%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A2%2C%22bidderRequestsCount%22%3A2%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%2293eb1196-8fc3-4cce-84b4-4be428e6f327%22%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%2C%22tdID%22%3A%2220b9b72d-4be5-428b-b562-110fee7c8206%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-108-184.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:58 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
18 B
318 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.18.0&cb=55447102815&lsavail=1&bundle=beWxSV9wMmJDTnFPb2ElMkZ1TnNTcGhpejhkOGdNU1h1UzBpTUhGekhQUERZVG1uZEhvVW1QeUw2bmZwbWc4TjIlMkZkMWNweVA3cCUyQlNyTFNZRDFkQ1NWenZHanZYZlZnUSUyQkhFQVhzMzNNWE1FbjVLVDdzUWNuaVRKTzJWMmJaeW5KNkhVVVVQ
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/
19 B
741 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.notateslaapp.com%2F&tmax=5000&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.146.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-146-96.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
cafemedia-d.openx.net/w/1.0/
190 B
199 B
XHR
General
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.notateslaapp.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2890104d-2a25-40dc-bf71-1edec5323669&nocache=1670357878148&scsm=cafemedia.com%2F6%3A1&us_privacy=1---&criteoid=HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE&id5id=ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&ttduuid=20b9b72d-4be5-428b-b562-110fee7c8206&nuestarid=E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C93eb1196-8fc3-4cce-84b4-4be428e6f327%2C%2C&aus=728x90%2C320x50%2C970x250%2C970x90%2C300x50%2C320x100%2C468x60%2C1x1%2C728x250&divids=AdThrive_Header_1_desktop&aucs=%252F18190176%252FAdThrive_Header_1%252F6086f736fa0c1f0c8270ab14&auid=538699873&tps=c2Vucz1hbGMsYXN0LGNiZCxjb25sLGNvc20sZGF0LGRsdSxkcmcsZ2FtYyxnYW12LGdycSxwb2wscmVsLHNzdCxzc3Isc3JoLHNrZSx0b2Isd3RsJmJ1Y2tldD1iZXRhMTpvdnJkJmhpX2F1PQ%3D%3D&aumfs=460
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
93 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a969d580177771bc13c2045cac4007f&cmd=bid&sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&eidcriteo.com=HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE&eidid5-sync.com=ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM&eidadserver.org=20b9b72d-4be5-428b-b562-110fee7c8206&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:58 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
23 KB
10 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881422&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C57%2C117%2C221&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!cafemedia.com,6086f736fa0c1f0c8270ab14,1,93eb1196-8fc3-4cce-84b4-4be428e6f327,,&eid_criteo.com=HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE%5E1&eid_id5-sync.com=ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM%5E1%5E2&eid_pubcid.org=996b3fe4-cfc2-4673-b5fd-f5099e120d17%5E1&tpid_tdid=20b9b72d-4be5-428b-b562-110fee7c8206&eid_adserver.org=20b9b72d-4be5-428b-b562-110fee7c8206&eid_neustar.biz=E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc%5E1&rf=https%3A%2F%2Fwww.notateslaapp.com%2F&tg_i.iab=1&tg_i.site_code=AFOI_2020%2CCNST_2021%2CDDIG_21%2CDEOI_2021%2CDSVR_2021%2CEXHFCE_2021%2CFBSL_2022%2CGCREF%2CGLDM_2021%2CHRSHW_2022%2CMSFTA_2022%2CNSTLE_22%2CSF_RN_122019%2CTGNAF_21%2CTRGT_022020%2CTYTA_22%2CVITFM_21&tg_i.site_id=6086f736fa0c1f0c8270ab14&tg_i.sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&tg_i.verticals=Auto%2CTech&tg_i.pmp_elig=true&tg_i.mcmp=iabc_1&tg_i.refresh=true&tg_i.vp=0&tg_i.pos=atf&tg_i.pbadslot=%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14&tk_flint=pbjs_lite_v7.18.0&x_source.tid=2890104d-2a25-40dc-bf71-1edec5323669&l_pb_bid_id=635b948fbf0ce2a7&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.46&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Header_1%2F6086f736fa0c1f0c8270ab14&slots=1&rand=0.7920513098986861
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
97 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 20:17:58 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/
19 B
869 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:58 GMT
AN-X-Request-Uuid
bb8befb2-0e48-4ade-a0c3-c4516529d45e
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:58 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:58 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
773 B
982 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 20:17:58 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
436
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:58 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:58 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
cafemedia
direct.adsrvr.org/bid/bidder/
0
405 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:57 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/
2 B
248 B
XHR
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.123 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:58 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
hb
hb.undertone.com/
0
798 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=2002&domain=notateslaapp.com&ccpa=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-80.iad89.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
via
1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
IAD89-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
88
x-amz-cf-id
H09ZBLP1L1-QfX_9pOqCEsyPd6lPR_z9Qqe3-KoaeQVk_OKfUqB6Wg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
105 B
548 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmail.notateslaapp.com%2F&pid=8eQOH0t77KuTn&cb=12&ws=1600x1200&v=22.1107.1609&t=4800&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_2_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22300x50%22%2C%22320x100%22%2C%22250x250%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14%22%7D%5D&pj=%7B%22adRefresh%22%3A%221%22%7D&cfgv=1&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*z-AddlwBkUCPzcOOsW-Z-b7w5Q3KqUASAY1jymCPFowunlHCfIZ8YIZ-4OkqlfnM%22%2C%22pubcommon%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.184.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-184-78.iad89.r.cloudfront.net
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.notateslaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 20:17:58 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca8d1424de70ce439236d37048e65f54.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C2
x-amz-rid
SKMZHHF9WA8NG871KQ9R
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
105
x-amz-cf-id
-Y4bU-OhYByNr7qeOI2BzUts9MvRguACUi2mWT5752NazLNrViMkDg==
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://mail.notateslaapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://mail.notateslaapp.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 20:17:58 GMT
server
ATS/9.1.10.25
auction
prebid-server.rubiconproject.com/openrtb2/
277 B
468 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
230
expires
0
bid-request
a.teads.tv/hb/
16 B
393 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 06 Dec 2022 20:17:58 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
510 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185788&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%226777a64bd91b136a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%3F%23Refresh%3ATrue%23PD%3Adesktop%23HVP%3A80%23Source%3Adirect%23Browser%3AChrome%23Topic%3AAuto%23Topic%3ATech%23MCMP%3Aiabc_1%23Sens%3Aalc%23Sens%3Aast%23Sens%3Acbd%23Sens%3Aconl%23Sens%3Acosm%23Sens%3Adat%23Sens%3Adlu%23Sens%3Adrg%23Sens%3Agamc%23Sens%3Agamv%23Sens%3Agrq%23Sens%3Apol%23Sens%3Arel%23Sens%3Asst%23Sens%3Assr%23Sens%3Asrh%23Sens%3Aske%23Sens%3Atob%23Sens%3Awtl%23vp%3A0%23AFOI_2020%3ATrue%23CNST_2021%3ATrue%23DDIG_21%3ATrue%23DEOI_2021%3ATrue%23DSVR_2021%3ATrue%23EXHFCE_2021%3ATrue%23FBSL_2022%3ATrue%23GCREF%3ATrue%23GLDM_2021%3ATrue%23HRSHW_2022%3ATrue%23MSFTA_2022%3ATrue%23NSTLE_22%3ATrue%23SF_RN_122019%3ATrue%23TGNAF_21%3ATrue%23TRGT_022020%3ATrue%23TYTA_22%3ATrue%23VITFM_21%3ATrue%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%22criteoId%22%5D%2C%22url%22%3A%22https%3A%2F%2Fmail.notateslaapp.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A1%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14%22%2C%22adunitcode%22%3A%22AdThrive_Sidebar_2_desktop%22%2C%22divId%22%3A%22AdThrive_Sidebar_2_desktop%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22678c8e19ff136558%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14%22%2C%22tid%22%3A%2253ae6d58-c4ae-4fbd-bb1d-19460df03e2d%22%2C%22sid%22%3A%2228_4%22%7D%2C%22bidfloor%22%3A0.603%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%222de95346-4797-49cd-80e9-3c9d201eb5cc%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM%22%2C%22ext%22%3A%7B%22linkType%22%3A2%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b9b72d-4be5-428b-b562-110fee7c8206%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22fabrickId%22%7D%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Et3Qt3XCrw%2FWT3XOYM34Ln6YCbQAoRRE9BFyHcQ8wGU6Fuw9RTdv5ZYkhooiHTjXEB2SkIPzZbCqdBaZfydsg3trujGpV5ok8fiut4Xj%2FnkzWUMZ7DFGjAseQDofyXIJcH%2FImnzY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7757b545e84bb3bf-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
bid
krk.kargo.com/api/v2/
2 B
656 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2264aa31a5-eca6-4058-bd8c-7b39543aa4ad%22%2C%22requestCount%22%3A11%2C%22timeout%22%3A5000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1670357878689%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%226817050934f4d078%22%3A%22_mfu14jCkaN%22%7D%2C%22bidSizes%22%3A%7B%226817050934f4d078%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_mfu14jCkaN%22%7D%2C%22auctionId%22%3A%222dc04563-10ef-41fe-bdca-682d9e48a13c%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A10%2C%22modelVersion%22%3A%22bp-v1-cafemedia%402022-12-05-20%22%2C%22modelWeight%22%3A5%2C%22modelTimestamp%22%3A1670270400%2C%22location%22%3A%22setConfig%22%2C%22floorProvider%22%3A%22rubicon%22%7D%2C%22userId%22%3A%7B%22criteoId%22%3A%22HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE%22%2C%22id5id%22%3A%7B%22uid%22%3A%22ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM%22%2C%22ext%22%3A%7B%22linkType%22%3A2%7D%7D%2C%22pubcid%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22tdid%22%3A%2220b9b72d-4be5-428b-b562-110fee7c8206%22%2C%22fabrickId%22%3A%22E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22criteo.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A2%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b9b72d-4be5-428b-b562-110fee7c8206%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22pos%22%3A%22atf%22%2C%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14%22%7D%2C%22tid%22%3A%2253ae6d58-c4ae-4fbd-bb1d-19460df03e2d%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%5D%2C%22pos%22%3A1%7D%7D%2C%22adUnitCode%22%3A%22AdThrive_Sidebar_2_desktop%22%2C%22transactionId%22%3A%2253ae6d58-c4ae-4fbd-bb1d-19460df03e2d%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B250%2C250%5D%2C%5B1%2C1%5D%5D%2C%22bidId%22%3A%226817050934f4d078%22%2C%22bidderRequestId%22%3A%22680da27063e2f0c5%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.09999942779541016%5D%2C%22userId.mod.init%22%3A%5B0.6999998092651367%2C1.6000003814697266%2C0.20000076293945312%2C0%2C3.6999998092651367%2C0.09999942779541016%2C0.8000001907348633%5D%2C%22userId.mods.connectId.init%22%3A%5B0.6999998092651367%5D%2C%22userId.mods.criteo.init%22%3A%5B1.6000003814697266%5D%2C%22userId.mods.id5Id.init%22%3A%5B0.20000076293945312%5D%2C%22userId.mods.identityLink.init%22%3A%5B0%5D%2C%22userId.mods.sharedId.init%22%3A%5B3.6999998092651367%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999942779541016%5D%2C%22userId.mods.fabrickId.init%22%3A%5B0.8000001907348633%5D%2C%22userId.init.modules%22%3A%5B9.5%5D%2C%22userId.callbacks.pending%22%3A%5B6269.800000190735%5D%2C%22userId.mod.callback%22%3A%5B86.89999961853027%2C971.8999996185303%2C877.6999998092651%2C1052.6999998092651%2C2539.2999992370605%2C2540.800000190735%5D%2C%22userId.mods.sharedId.callback%22%3A%5B86.89999961853027%5D%2C%22userId.mods.identityLink.callback%22%3A%5B971.8999996185303%5D%2C%22userId.mods.fabrickId.callback%22%3A%5B877.6999998092651%5D%2C%22userId.mods.unifiedId.callback%22%3A%5B1052.6999998092651%5D%2C%22userId.mods.criteo.callback%22%3A%5B2539.2999992370605%5D%2C%22userId.mods.id5Id.callback%22%3A%5B2540.800000190735%5D%2C%22userId.callbacks.total%22%3A%5B2551.199999809265%5D%2C%22userId.total%22%3A%5B9328.400000572205%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.priceFloors%22%3A0.6999998092651367%2C%22requestBids.userId%22%3A1.6000003814697266%2C%22requestBids.validate%22%3A17.799999237060547%2C%22requestBids.makeRequests%22%3A7.100000381469727%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A2%2C%22bidderRequestsCount%22%3A2%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%226086f736fa0c1f0c8270ab14%22%2C%22hp%22%3A1%2C%22rid%22%3A%222de95346-4797-49cd-80e9-3c9d201eb5cc%22%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%2C%22tdID%22%3A%2220b9b72d-4be5-428b-b562-110fee7c8206%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.notateslaapp.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-108-184.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:58 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
18 B
318 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.18.0&cb=97872261398&lsavail=1&bundle=beWxSV9wMmJDTnFPb2ElMkZ1TnNTcGhpejhkOGdNU1h1UzBpTUhGekhQUERZVG1uZEhvVW1QeUw2bmZwbWc4TjIlMkZkMWNweVA3cCUyQlNyTFNZRDFkQ1NWenZHanZYZlZnUSUyQkhFQVhzMzNNWE1FbjVLVDdzUWNuaVRKTzJWMmJaeW5KNkhVVVVQ
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mail.notateslaapp.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/
19 B
741 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.notateslaapp.com%2F&tmax=5000&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.146.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-146-96.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
accept-ch
sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
cafemedia-d.openx.net/w/1.0/
190 B
198 B
XHR
General
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.notateslaapp.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=53ae6d58-c4ae-4fbd-bb1d-19460df03e2d&nocache=1670357878701&scsm=cafemedia.com%2F6%3A1&us_privacy=1---&criteoid=HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE&id5id=ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&ttduuid=20b9b72d-4be5-428b-b562-110fee7c8206&nuestarid=E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C2de95346-4797-49cd-80e9-3c9d201eb5cc%2C%2C&aus=300x250%2C320x50%2C300x50%2C320x100%2C250x250%2C1x1&divids=AdThrive_Sidebar_2_desktop&aucs=%252F18190176%252FAdThrive_Sidebar_2%252F6086f736fa0c1f0c8270ab14&auid=538699854&tps=c2Vucz1hbGMsYXN0LGNiZCxjb25sLGNvc20sZGF0LGRsdSxkcmcsZ2FtYyxnYW12LGdycSxwb2wscmVsLHNzdCxzc3Isc3JoLHNrZSx0b2Isd3RsJmJ1Y2tldD1iZXRhMTpvdnJkJmhpX2F1PQ%3D%3D&aumfs=580
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
63 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.notateslaapp.com
date
Tue, 06 Dec 2022 20:17:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
23 KB
10 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881454&size_id=15&alt_size_ids=14%2C43%2C44%2C117%2C221&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!cafemedia.com,6086f736fa0c1f0c8270ab14,1,2de95346-4797-49cd-80e9-3c9d201eb5cc,,&eid_criteo.com=HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE%5E1&eid_id5-sync.com=ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM%5E1%5E2&eid_pubcid.org=996b3fe4-cfc2-4673-b5fd-f5099e120d17%5E1&tpid_tdid=20b9b72d-4be5-428b-b562-110fee7c8206&eid_adserver.org=20b9b72d-4be5-428b-b562-110fee7c8206&eid_neustar.biz=E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc%5E1&rf=https%3A%2F%2Fwww.notateslaapp.com%2F&tg_i.iab=1&tg_i.site_code=AFOI_2020%2CCNST_2021%2CDDIG_21%2CDEOI_2021%2CDSVR_2021%2CEXHFCE_2021%2CFBSL_2022%2CGCREF%2CGLDM_2021%2CHRSHW_2022%2CMSFTA_2022%2CNSTLE_22%2CSF_RN_122019%2CTGNAF_21%2CTRGT_022020%2CTYTA_22%2CVITFM_21&tg_i.site_id=6086f736fa0c1f0c8270ab14&tg_i.sens=alc%2Cast%2Ccbd%2Cconl%2Ccosm%2Cdat%2Cdlu%2Cdrg%2Cgamc%2Cgamv%2Cgrq%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cske%2Ctob%2Cwtl&tg_i.verticals=Auto%2CTech&tg_i.pmp_elig=true&tg_i.mcmp=iabc_1&tg_i.refresh=true&tg_i.vp=0&tg_i.pos=atf&tg_i.pbadslot=%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14&tk_flint=pbjs_lite_v7.18.0&x_source.tid=53ae6d58-c4ae-4fbd-bb1d-19460df03e2d&l_pb_bid_id=6910e7776262a55e&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.58&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Sidebar_2%2F6086f736fa0c1f0c8270ab14&slots=1&rand=0.048762653956493374
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 20:17:58 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
19 B
869 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 20:17:58 GMT
AN-X-Request-Uuid
2ba2e64b-ab65-4efa-93cb-b3bfda19bf00
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mail.notateslaapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:58 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:58 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
263 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.56.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-56-171.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:58 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
cafemedia
direct.adsrvr.org/bid/bidder/
0
405 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 20:17:58 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://mail.notateslaapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/
2 B
248 B
XHR
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b1d93de/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.123 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://mail.notateslaapp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mail.notateslaapp.com
Date
Tue, 06 Dec 2022 20:17:58 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
0
0

auction
prebid-server.rubiconproject.com/openrtb2/
0
0

bid-request
a.teads.tv/hb/
0
0

cdb
bidder.criteo.com/
0
0

auction
tlx.3lift.com/header/
0
0

arj
cafemedia-d.openx.net/w/1.0/
0
0

translator
hbopenbid.pubmatic.com/
0
0

prebid
ib.adnxs.com/ut/v3/
0
0

cafemedia
direct.adsrvr.org/bid/bidder/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
aax-dtb-cf.amazon-adsystem.com
URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmail.notateslaapp.com%2F&pid=8eQOH0t77KuTn&cb=13&ws=1600x1200&v=22.1107.1609&t=4800&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_1_desktop%22%2C%22s%22%3A%5B%22120x240%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_1%2F6086f736fa0c1f0c8270ab14%22%7D%5D&pj=%7B%22adRefresh%22%3A%221%22%7D&cfgv=1&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*z-AddlwBkUCPzcOOsW-Z-b7w5Q3KqUASAY1jymCPFowunlHCfIZ8YIZ-4OkqlfnM%22%2C%22pubcommon%22%3A%22996b3fe4-cfc2-4673-b5fd-f5099e120d17%22%7D%7D
Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Domain
a.teads.tv
URL
https://a.teads.tv/hb/bid-request
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.18.0&cb=36173387618&lsavail=1&bundle=beWxSV9wMmJDTnFPb2ElMkZ1TnNTcGhpejhkOGdNU1h1UzBpTUhGekhQUERZVG1uZEhvVW1QeUw2bmZwbWc4TjIlMkZkMWNweVA3cCUyQlNyTFNZRDFkQ1NWenZHanZYZlZnUSUyQkhFQVhzMzNNWE1FbjVLVDdzUWNuaVRKTzJWMmJaeW5KNkhVVVVQ
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.notateslaapp.com%2F&tmax=5000&us_privacy=1---
Domain
cafemedia-d.openx.net
URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.notateslaapp.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5a8eb4cc-fe31-48f9-ac18-2bf9065ece62&nocache=1670357879278&scsm=cafemedia.com%2F6%3A1&us_privacy=1---&criteoid=HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE&id5id=ID5*Y92MYPA8AFYj8FKYHVII7xLNdBtmlNEErbDy3Myyh5ounkKfST3xXSs8HB_9JKiM&pubcid=996b3fe4-cfc2-4673-b5fd-f5099e120d17&ttduuid=20b9b72d-4be5-428b-b562-110fee7c8206&nuestarid=E1%3AqXdT68zpp3ZEpL3NjfqWSkEK-6fOX9z-HHXblNm7kWhn-0m8yOidSJxEVwpGXuJ_ZPSx42F5FHzaEm1NHQGFUyEuU3qqvlv8pvuWcozUfMc&schain=1.0%2C1!cafemedia.com%2C6086f736fa0c1f0c8270ab14%2C1%2C2de95346-4797-49cd-80e9-3c9d201eb5cc%2C%2C&aus=120x240&divids=AdThrive_Sidebar_1_desktop&aucs=%252F18190176%252FAdThrive_Sidebar_1%252F6086f736fa0c1f0c8270ab14&auid=538699853&tps=c2Vucz1hbGMsYXN0LGNiZCxjb25sLGNvc20sZGF0LGRsdSxkcmcsZ2FtYyxnYW12LGdycSxwb2wscmVsLHNzdCxzc3Isc3JoLHNrZSx0b2Isd3RsJmJ1Y2tldD1iZXRhMTpvdnJkJmhpX2F1PQ%3D%3D&aumfs=460
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
direct.adsrvr.org
URL
https://direct.adsrvr.org/bid/bidder/cafemedia

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| oncontentvisibilityautostatechange function| gtag object| dataLayer object| adthrive function| deleteCookie function| getCookie function| setCookie function| debounce object| tesla function| setColorSchemeLight function| setColorSchemeDark function| randomIntFromInterval object| colorSchemeButton function| cruptnjcbrex function| atuwyqfleiajs object| __cfBeacon object| adthriveCLS object| apstag object| googletag object| pbjs object| BlockAdBlock object| blockAdBlock object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _pbjsGlobals function| onYouTubeIframeAPIReady object| gaGlobal object| ggeac object| google_js_reporting_queue object| gaplugins object| gaData boolean| apstagLOADED object| webVitals function| __uspapi object| _comscore object| confiant object| COMSCORE function| udm_ object| ns_p undefined| google_measure_js_timing function| setImmediate function| clearImmediate object| ID5 object| brandmetrics function| __assign object| _brandmetrics function| __spreadArrays object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| confiantDfpWrap function| Tapad object| ats object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

167 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQrMfYyM4wCgoIgQIQrMfYyM4wCgoI4gEQrMfYyM4wCgoI5gEQrMfYyM4wCgoIhwIQrMfYyM4wCgoI5wEQnqPZyM4wCgkICRCsx9jIzjAKCQhJEJ6j2cjOMAoJCAsQnqPZyM4wCgoIjAIQrMfYyM4wCgoIjgEQnqPZyM4wCgoIkQIQnqPZyM4wCgoIkgIQnqPZyM4wCgoIlAIQnqPZyM4wCgkIORCeo9nIzjAKCQg6EKzH2MjOMAoJCBsQnqPZyM4wCgoI3gEQnqPZyM4wCgkIXxCsx9jIzjAKCQgfEKzH2MjOMA==
mail.notateslaapp.com/ Name: __adblocker
Value: false
.notateslaapp.com/ Name: _ga
Value: GA1.2.355545597.1670357848
.notateslaapp.com/ Name: _gid
Value: GA1.2.1002999196.1670357848
.notateslaapp.com/ Name: _gat_gtag_UA_145811549_1
Value: 1
mail.notateslaapp.com/ Name: usprivacy
Value: 1---
mail.notateslaapp.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.scorecardresearch.com/ Name: UID
Value: 1C76c9ad8295a18c012029c1670357848
.kargo.com/ Name: ktcid
Value: e037d87b-99ae-0af7-1e18-5f7a684082ed
.openx.net/ Name: i
Value: 996b3fe4-cfc2-4673-b5fd-f5099e120d17|1670357849
.yahoo.com/ Name: A3
Value: d=AQABBFmjj2MCEIfxPJC3U-SGX1on9rLDhMEFEgEBAQH0kGOZYwAAAAAA_eMAAA&S=AQAAApu8TFRBuWom1Zgzw80Hu_4
.sharethrough.com/ Name: stx_user_id
Value: 2713539e-0a1b-4190-9dfd-efdcecb5be29
.teads.tv/ Name: tt_viewer
Value: 7a935f4a-7d22-4ee0-aa98-bb651d4d095a
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: jgFQ1i7taklKhSNj6gDbrWb_HrBQvV12nadpA6d4peuJyH8N9hpuUsmaWvdNwz3gSI7KtvwJbuxoIbMdJZZibxLdlV6JbvFw-PJHL0EWglxyrpDalL1a_rdRipBZ-W2aBGgQ9fxGg0WarX5rJXoHpg
.gumgum.com/ Name: vst
Value: u_db53a96b-9455-4d40-85d9-23765280425c
.amazon-adsystem.com/ Name: ad-id
Value: A0XuJe8Bkkdjm5pbN_4vkGQ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidswitch.net/ Name: tuuid
Value: b1d435b5-77d4-4214-8692-93c49c8f540c
.bidswitch.net/ Name: c
Value: 1670357851
.bidswitch.net/ Name: tuuid_lu
Value: 1670357851
.rubiconproject.com/ Name: khaos
Value: LBCNXQNN-11-M5LE
.undertone.com/ Name: UTID_ENC
Value: 119fxh304rxmr016n27iw03vd
.undertone.com/ Name: UTID
Value: 117bc498e1524209a47a03c49fc8ab99
.adnxs.com/ Name: uuid2
Value: 630481314781216515
.casalemedia.com/ Name: CMID
Value: Y4.jW4WwZUQrKydWgaf8DQAA
.casalemedia.com/ Name: CMPS
Value: 405
.casalemedia.com/ Name: CMPRO
Value: 405
.doubleclick.net/ Name: IDE
Value: AHWqTUkG-4FgyVPej-53HihpPWY-KeOYHQTiCzbLFdduj_JC5C6r_D7kWwbnS55em00
.3lift.com/ Name: tluid
Value: 3483547462859989278829
.yieldmo.com/ Name: yieldmo_id
Value: gc5be86089e62789db8b%7C1670357853080%7C0%7C
.mid.rkdms.com/ Name: sessionid
Value: h-87f0d66696aed9b725cbceaf60653188_t-1670357853
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y4_jXQAB-6N2IwAo
.adsrvr.org/ Name: TDID
Value: 20b9b72d-4be5-428b-b562-110fee7c8206
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-824a6a55-1bc0-46ba-7fd6-a2b1740cbd21.aPYFCQwIRArf9rlvj%2BnvW0G8VxdN%2FrUcaJoc3Ll0bi0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AgkpqVRvARrp_1qKxdAy9ISaEdkk.%2Be0AOIDtTeq1DbBUcZhrh5M3EczTBfzxuZ74AgX7kXY
.eqads.com/ Name: EQUser
Value: UID=316bc75a-6356-4d28-90e2-26d46825b1d2
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.adform.net/ Name: C
Value: 1
.zemanta.com/ Name: zuid
Value: MHbgFxllIZAxE2VBBjzy
.notateslaapp.com/ Name: __gads
Value: ID=e62bfd75286d4a2b:T=1670357852:S=ALNI_MbSa04HuTLtbY88nOYthFcT--Ucmw
.notateslaapp.com/ Name: __gpi
Value: UID=00000577a16016cd:T=1670357852:RT=1670357852:S=ALNI_Mbd4xPtJQ67_8GMrAXmZnHbaXvf7Q
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 85DC2051-57CB-4AF5-8B38-9847A0099E99
.bing.com/ Name: MUID
Value: 14078A89AC926932306F98FBAD02689B
.c.bing.com/ Name: MR
Value: 0
.adform.net/ Name: uid
Value: 188842751989571768
.linkedin.com/ Name: li_sugr
Value: 9a60fe37-b838-4441-8d01-6498245af41e
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&fc8a7c21-c1c8-4b49-8d44-5e744b7309e3"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2963:u=1:x=1:i=1670357854:t=1670444254:v=2:sig=AQHbf6SI0wxJVysbEAx4-TOYHJngHn9N"
.openx.net/ Name: univ_id
Value: 537072971|20b9b72d-4be5-428b-b562-110fee7c8206|1670357854503755
.adotmob.com/ Name: uid
Value: 0875220407bc04a94302b9e5
.adotmob.com/ Name: uuid
Value: 0875220407bc04a94302b9e5
.adotmob.com/ Name: partners
Value: IX%3A1670357854645
mail.notateslaapp.com/ Name: _lr_retry_request
Value: true
mail.notateslaapp.com/ Name: _lr_env_src_ats
Value: false
.ads.yieldmo.com/ Name: ptradfm
Value: 188842751989571768
.ads.yieldmo.com/ Name: ptrstk
Value: gkpqVRvARrp_1qKxdAy9ISaEdkk
.ads.yieldmo.com/ Name: ptrrc
Value: LBCNXQNN-11-M5LE
.ads.yieldmo.com/ Name: ptran
Value: 630481314781216515
.emxdgt.com/ Name: uid
Value: 53491670357855485780b3
ads.avct.cloud/ Name: uuid
Value: 67cb9b99-3a57-4146-9a8a-a2de4dfc0a31
.33across.com/ Name: 33x_ps
Value: u%3D212050011722259%3As1%3D1670357855485%3Ats%3D1670357855485
.technoratimedia.com/ Name: tads_uid
Value: D7B9D9F680BC46E187FAFC0A2559F152
.technoratimedia.com/ Name: tads_uid_cd
Value: 20221206201735+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.mathtag.com/ Name: uuid
Value: d460638f-a35f-4400-9851-98d66543df75
.admixer.net/ Name: am-uid
Value: bc4452818b984146a3f3af99e6f4260a
.contextweb.com/ Name: V
Value: acZWaNvTdeQY
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1hn3|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: e448eded388650c2
.ipredictive.com/ Name: cu
Value: b3e62e8c-aadf-47bc-b1b5-84d2640b9384|1670357855512
.agkn.com/ Name: ab
Value: 0001%3A66u4mk7PqxDfxlcYUzQkDnFUK9aAuyW1
.outbrain.com/ Name: obuid
Value: 91e75661-df3d-4dcb-82a4-263d7a87f7e4
.bluekai.com/ Name: bku
Value: ikG99aIMMtBMDHyu
.socdm.com/ Name: SOC
Value: Y4.jX8Co5sIAAG38AX8AAAAA
.tapad.com/ Name: TapAd_TS
Value: 1670357855670
.tapad.com/ Name: TapAd_DID
Value: bf73b27f-b0e3-4b52-be1d-6c53fcb39798
.adsymptotic.com/ Name: U
Value: da9d7f5aac5b6c524d4a378fe3d406b6
.id5-sync.com/ Name: callback
Value:
.emxdgt.com/ Name: apn_id
Value: 630481314781216515
.360yield.com/ Name: tuuid
Value: 106821f5-3053-473b-bce8-72435f5b3091
.360yield.com/ Name: tuuid_lu
Value: 1670357855
.deepintent.com/ Name: CDIUSER
Value: di_3d25ad4adb764446ab954
.creativecdn.com/ Name: u
Value: SLlbXMgQTt2RTMWCN2sl
.creativecdn.com/ Name: ts
Value: 1670357855
mail.notateslaapp.com/ Name: _lr_geo_location
Value: US
.smartadserver.com/ Name: pid
Value: 761917122711880150
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a2d0274a-909f-4f09-a395-d674db312b81-005%22%7D
.ads.yieldmo.com/ Name: ptrpub
Value: 85DC2051-57CB-4AF5-8B38-9847A0099E99
.notateslaapp.com/ Name: cto_bundle
Value: beWxSV9wMmJDTnFPb2ElMkZ1TnNTcGhpejhkOGdNU1h1UzBpTUhGekhQUERZVG1uZEhvVW1QeUw2bmZwbWc4TjIlMkZkMWNweVA3cCUyQlNyTFNZRDFkQ1NWenZHanZYZlZnUSUyQkhFQVhzMzNNWE1FbjVLVDdzUWNuaVRKTzJWMmJaeW5KNkhVVVVQ
.notateslaapp.com/ Name: cto_bidid
Value: HrLMFV96Rlk5TnplJTJCdkdVeGZvNWN1eXhBNVJuU3FsQTZwTVMwSnJGcm9aYjR6UzBUaWV1VVVuWFlmSTU5cjdXWnpnMloxZXJPQkhURGdnYmhYT2t3RDhxOERRJTNEJTNE
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a2d0274a-909f-4f09-a395-d674db312b81-005%22%7D
.doubleclick.net/ Name: DSID
Value: NO_DATA
.colossusssp.com/ Name: gtm_usr
Value: a3c13017-cb17-45dc-8875-a1ad2eb2b6aa
.colossusssp.com/ Name: lmg_r
Value: 11
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsidW5ydWx5Ijp7InVpZCI6IlJYLWEyZDAyNzRhLTkwOWYtNGYwOS1hMzk1LWQ2NzRkYjMxMmI4MS0wMDUiLCJleHBpcmVzIjoiMjAyMi0xMi0yMFQyMDoxNzo0My4wNTI1MjYxODdaIn0sImJyaWdodHJvbGwiOnsidWlkIjoieS1JTUJhZFI1RTJvSzYwSk5VMktNTlFoOVRNTW95Qy5JY0huV1F2aDZoUlBDUTlGc0RqVlY3ZFEtLX5BIiwiZXhwaXJlcyI6IjIwMjItMTItMjBUMjA6MTc6NDMuNDE2NzQyNjQ2WiJ9LCJncmlkIjp7InVpZCI6ImIxZDQzNWI1LTc3ZDQtNDIxNC04NjkyLTkzYzQ5YzhmNTQwYyIsImV4cGlyZXMiOiIyMDIyLTEyLTIwVDIwOjE3OjMxLjM3NDM1NTY1NloifSwiY29sb3NzdXMiOnsidWlkIjoiW1VJRF0iLCJleHBpcmVzIjoiMjAyMi0xMi0yMFQyMDoxNzo0Mi42OTE2MjA3NDFaIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiMzQ4MzU0NzQ2Mjg1OTk4OTI3ODgyOSIsImV4cGlyZXMiOiIyMDIyLTEyLTIwVDIwOjE3OjM0LjE1MzE1Njc1NFoifSwicnViaWNvbiI6eyJ1aWQiOiJMQkNOWFFOTi0xMS1NNUxFIiwiZXhwaXJlcyI6IjIwMjItMTItMjBUMjA6MTc6MzQuMTUxNDAzMDc2WiJ9LCJjb252ZXJzYW50Ijp7InVpZCI6IkFBQUJ4UDdGMncxUkN3TjQtSWduQUFBQUFBQSIsImV4cGlyZXMiOiIyMDIyLTEyLTIwVDIwOjE3OjQ0LjUwNzk0NjA0OVoifSwieWllbGRtbyI6eyJ1aWQiOiJnYzViZTg2MDg5ZTYyNzg5ZGI4YiIsImV4cGlyZXMiOiIyMDIyLTEyLTIwVDIwOjE3OjQ0LjY1MTY2MTY1WiJ9fSwiYmRheSI6IjIwMjItMTItMDZUMjA6MTc6MzEuMzczNzA0MDA1WiJ9
.criteo.com/ Name: uid
Value: 978fb9bb-8505-4b8e-83fb-878977f26f9c
.openx.net/ Name: pd
Value: v2|1670357851.13|iKvMgakWgy.bwuYvPhEgKg2
.notateslaapp.com/ Name: _gat_UA-145811549-1
Value: 1
.notateslaapp.com/ Name: _ga_TK8ZNSHLTK
Value: GS1.1.1670357848.1.1.1670357865.0.0.0
.id5-sync.com/ Name: id5
Value: 6c6388a8-7bbe-75c8-980c-9ff3b001f9db#1670357851469#4
.adnxs.com/ Name: anj
Value: dTM7k!M40]D>6NRF']wIg2E?!u`<W8!@wnf-Te9(SNOfY2^u31Et*ugGmiIxDZ31_G5'FoFp5-nD>YmZt'>_>GdDoo@N7Cj3nXm/!<rQnT8pVd
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIzNDgzNTQ3NDYyODU5OTg5Mjc4ODI5IiwiZXhwaXJlcyI6IjIwMjMtMDMtMDZUMjA6MTc6NDVaIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiMzQ4MzU0NzQ2Mjg1OTk4OTI3ODgyOSIsImV4cGlyZXMiOiIyMDIzLTAzLTA2VDIwOjE3OjQ1WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTEyLTA2VDIwOjE3OjQ1WiJ9
.sitescout.com/ Name: ssi
Value: 5083f967-d1e7-4042-bde6-612d6aebdf91#1670357865482
.w55c.net/ Name: wfivefivec
Value: GolBg5zi1P2EnT5
.pubmatic.com/ Name: pi
Value: 160318:3
.sitescout.com/ Name: _ssuma
Value: eyIyNiI6MTY3MDM1Nzg2NTY3NSwiMzkiOjE2NzAzNTc4NjU1OTksIjciOjE2NzAzNTc4NjU1OTl9
.advertising.com/ Name: A3
Value: d=AQABBGmjj2MCEJrUxZyHfmsEKAi3u_iUTT4FEgEBAQH0kGOZYwAAAAAA_eMAAA&S=AQAAAjXsJL8Y2-vCuGtFFAnrDOI
.w55c.net/ Name: matchtriplelift
Value: 5
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AAA5dE7HH0cAAB-zaSXqQA
mail.notateslaapp.com/ Name: cto_bundle
Value: EL7rk19HOFNJdTMlMkJCZVF1OUxVbkhJWFBSME13SFY4WjZOS0hwS0NsUzIlMkJPcW1JQ1lZanZWVVJFUFhjWm5ON3dNcnFYQmFnUUdkV0ZlMUtuRlVaalBmY2JVWEFMTnkxU3paVjNHM1ZzUUY4dG1od2lOR2slMkJ3VzlSNW5OSjR6TUdNUnZ2dk1rMHlNJTJGSmUxdXZWY0c4M1ljMXElMkZ4dHolMkJzM3oyT1dSdGRmZGFaa3RyWmMlM0Q
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~28p8:18za~28p8:18z9~28p8"
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEBE48uPn9gdwyEyL-cd3UEE&KRTB&22987-CAESEBE48uPn9gdwyEyL-cd3UEE&KRTB&23025-CAESEBE48uPn9gdwyEyL-cd3UEE&KRTB&23386-CAESEBE48uPn9gdwyEyL-cd3UEE
.pubmatic.com/ Name: SyncRTB3
Value: 1671494400%3A220_21_13
.dpm.demdex.net/ Name: dpm
Value: 18207550370296800423514429689171019531
.demdex.net/ Name: demdex
Value: 18207550370296800423514429689171019531
.bluekai.com/ Name: bkdc
Value: phx
.krxd.net/ Name: _kuid_
Value: PPf8P_B8
.turn.com/ Name: uid
Value: 8494657214754093260
.exelator.com/ Name: EE
Value: "f2363de882b6887b95df131041c76b94"
.undertone.com/ Name: UID_EXT_39
Value: 01aa679a-66ea-45e7-85ae-22260d991eb8
.undertone.com/ Name: UID_EXT_46
Value: 20b9b72d-4be5-428b-b562-110fee7c8206
.undertone.com/ Name: UID_EXT_47
Value: LBCNXQNN-11-M5LE
.undertone.com/ Name: UID_EXT_56
Value: y-YnyEjuRE2uGNVr39QPMXwoHzPuk7JIvFaiKrHO4-~A
.simpli.fi/ Name: suid
Value: AEE418221A054D9EAD31DEEC64DB2D92
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHNyNjMOCXVwsIoyczCwjzJ0jQlzdDY0MDEMNncLMnSZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAYkl%252BUWb6otDgxUUpaQyLSopPBR8q6QYAerYp9w%253D%253D"
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 1230fbbbd94b398ae6ce5c906b059828
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDQyNkhLSkpKsTRJMra0SEw1S041TbY0MEsyMLW0MLJgAILk%2FsVZIBoKAF3kCuY%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI7l%2BcBaSgAAAY8QIA"
.rlcdn.com/ Name: pxrc
Value: COrGvpwGEgUI6AcQABIFCOhHEAA=
.rlcdn.com/ Name: rlas3
Value: rpxhDkNYvl6VUP294sxB2GC6rqDemwcNy9my4JAUwYA=
.dotomi.com/ Name: DotomiTest
Value: 4ebf40cec42815d8
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:AEE418221A054D9EAD31DEEC64DB2D92
.pubmatic.com/ Name: PugT
Value: 1670357865
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 9df05b52-8cb7-4736-91f1-9ff8b580fb5c
beacon.lynx.cognitivlabs.com/ Name: ss
Value: eL1RUsZ0Yd3AHUROagvl26G5kG78FZbbt4UheCL86ea1GAWNJdeyeIBgDcxWIWFlXimEsFElqNk%2B9ZyORVcEAQ%3D%3D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bEAP2zra3mDSqS5Bv7H1ouoxdnNVF8ci158Scv0hcrlrWXC71RpvVILa/Os/+DVD1o6SU1RcAzs5Nkrs3tp8zmIFRvmjPJuJREK32IkvIf3jQ==
.quantserve.com/ Name: d
Value: EAMBDQHfJ7jvsQA
.quantserve.com/ Name: mc
Value: 638fa36a-cd210-51d68-e79be
.pippio.com/ Name: didts
Value: 1670357866
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: COrGvpwGEgYIgr0rEAA=
.pippio.com/ Name: did
Value: EEXzobgZMsUWPFOA
.addthis.com/ Name: ouid
Value: 638fa36a000153dbb14344d39697a97c49baa497d50ab4871d9e
.addthis.com/ Name: uid
Value: 638fa36aaeb5f4dd
.addthis.com/ Name: na_id
Value: 2022120620174666700295478861
.pubmatic.com/ Name: SPugT
Value: 1670357865
.undertone.com/ Name: UID_EXT_54
Value: 5083f967-d1e7-4042-bde6-612d6aebdf91-638fa369-5553
.undertone.com/ Name: UID_EXT_57
Value: Y4-jW4WwZUQrKydWgaf8DQAAAZUAAAAB
.undertone.com/ Name: UID_EXT_53
Value: 85DC2051-57CB-4AF5-8B38-9847A0099E99
.casalemedia.com/ Name: CMTS
Value: 935
.go.sonobi.com/ Name: __uis
Value: 8205d9cc-310c-4610-a63c-359c41781615
.360yield.com/ Name: um
Value: !79,QDBzIGF8zmVCxhI7wES06LbMAjGldC84NsDYv86vCfDLfH2aPtJoXDYwFgRVyUt8Cq5jzShq05sWp3oZ,1678133868
.360yield.com/ Name: umeh
Value: !79,0,1732565868,-1
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIzrP1kJ70qzsQBRIbCgxzaGFyZXRocm91Z2gSCwiU2ougnvSrOxAFEhYKB3J1Ymljb24SCwjKgc-lnvSrOxAFEhQKBXRhcGFkEgsI0My2rJ70qzsQBRISCgNhYW0SCwiivLmIn_SrOxAFGAEgASgCMgsIgr3_zLX0qzsQBTgBWgc4aDl1MTFoYAI.
.id5-sync.com/ Name: 3pi
Value: 434#1670357867934#-200853358|2#1670357870124#-681918026#630481314781216515|3#1670357869517#965097542#d460638f-a35f-4400-9851-98d66543df75|264#1670357868630#-1037528199#20b9b72d-4be5-428b-b562-110fee7c8206|441#1670357865290#-1013872438#u_db53a96b-9455-4d40-85d9-23765280425c|203#1670357869283#1672858891#978fb9bb-8505-4b8e-83fb-878977f26f9c|155#1670357870340#1804155829#AAA5dE7HH0cAAB-zaSXqQA|108#1670357868144#1725935630|124#1670357868364#1274607711|429#1670357869884#328548136#85DC2051-57CB-4AF5-8B38-9847A0099E99
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:

4 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.adthrive.com
ads.avct.cloud
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
api.rlcdn.com
ats.rlcdn.com
b1sync.zemanta.com
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
cafemedia-d.openx.net
casale-match.dotomi.com
cdn.ampproject.org
cdn.brandmetrics.com
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jwplayer.com
cdn.undertone.com
cloudflareinsights.com
cm.g.doubleclick.net
cms.quantserve.com
collector.brandmetrics.com
colossusssp.com
creativecdn.com
cs.emxdgt.com
cw.addthis.com
d3div1mtym39ic.cloudfront.net
db254acb33f678ba851d2ed2560cd682.safeframe.googlesyndication.com
direct.adsrvr.org
dis.eu.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
googleads.g.doubleclick.net
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
insight.adsrvr.org
inv-nets.admixer.net
js-sec.indexww.com
krk.kargo.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
loadm.exelator.com
logger.adthrive.com
mail.notateslaapp.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mid.rkdms.com
mug.criteo.com
p.adsymptotic.com
pagead2.googlesyndication.com
pandg.tapad.com
pghub.io
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
px.ads.linkedin.com
rtb.gumgum.com
s.amazon-adsystem.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.cloudflareinsights.com
stx-match.dotomi.com
sync-adform.ads.yieldmo.com
sync-amz.ads.yieldmo.com
sync-pm.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.bluekai.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
um2.eqads.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
usr.undertone.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.notateslaapp.com
www.npttech.com
x.bidswitch.net
a.teads.tv
aax-dtb-cf.amazon-adsystem.com
bidder.criteo.com
cafemedia-d.openx.net
direct.adsrvr.org
hbopenbid.pubmatic.com
ib.adnxs.com
prebid-server.rubiconproject.com
tlx.3lift.com
104.18.33.19
104.18.36.94
104.18.99.194
104.36.115.111
104.36.115.113
107.178.246.49
107.178.254.65
129.158.42.199
13.249.37.223
13.249.39.67
13.249.39.80
13.32.151.21
13.32.151.45
13.32.151.6
13.32.208.62
13.32.208.89
142.251.32.98
151.101.194.49
162.19.138.117
162.19.138.118
162.248.18.37
172.64.154.237
178.250.0.163
185.167.164.39
185.184.8.90
192.40.39.223
198.148.27.140
199.127.204.171
199.187.193.182
199.250.166.129
20.127.253.7
20.40.202.2
2001:41d0:701:1000::31d2
202.241.208.54
204.62.13.72
207.198.113.93
216.200.232.249
23.221.200.33
23.221.202.212
23.221.203.12
23.3.115.102
23.78.168.242
2600:1f18:4e9:5a05:b0ca:7df6:43a8:f557
2600:9000:20aa:6800:11:1ed0:3900:21
2600:9000:20aa:8600:1:a3fa:7cc0:93a1
2600:9000:2191:fc00:1f:2473:9080:93a1
2602:803:c002:200::32
2606:4700:10::6816:3556
2606:4700:20::681a:79b
2606:4700:20::ac43:442f
2606:4700::6810:3865
2606:4700::6810:7caf
2606:4700::6812:116b
2606:4700:e6::ac40:c60b
2606:ae80:1471:19::1080
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::2003
2607:f8b0:4006:821::200a
2607:f8b0:4006:822::2001
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2008
2620:100:a001::18
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2620:1ec:c11::200
3.13.195.187
3.224.200.106
3.230.146.96
3.231.190.210
3.231.99.187
3.33.220.150
3.89.34.248
3.92.113.255
3.92.156.8
3.95.45.40
34.102.243.38
34.120.155.137
34.171.234.26
34.205.97.218
34.229.3.43
34.98.64.218
35.171.241.248
35.172.99.217
35.190.60.146
35.211.178.172
35.241.45.217
35.71.131.137
38.91.45.7
44.197.49.190
44.201.217.92
44.209.207.157
52.1.62.93
52.20.56.171
52.223.22.214
52.33.139.122
52.4.33.45
52.45.33.138
52.46.130.91
52.71.247.220
52.94.222.140
54.146.141.63
54.149.113.230
54.152.229.173
54.163.73.10
54.196.39.164
54.198.41.119
54.243.215.75
54.82.108.184
54.85.151.23
64.202.112.63
67.202.105.24
68.67.160.114
68.67.179.153
70.42.32.31
72.247.65.183
72.34.250.75
74.119.119.139
74.81.93.82
8.2.111.121
8.2.111.123
8.28.7.82
8.28.7.84
8.43.72.98
96.16.28.127
99.84.184.78
012deec03fbfd6c92c075b502ee777e094cd1a0cedb202a84cde1218b3b60fb4
02a6f7da76faf52a90feea9f610183f8ca7bd7b20a74d41ad27283d945eacc1a
03a87e15b20c77d97e00f0142587faf28a941a1f9ef10f15296aef7689812616
03b6c2614512cf2c9e211603695dfd3934688b42d44563ea116b34263aafa81a
04a298d28880bc4516f2b3ef8116b41828d8ccfe778863c20f82a27e6ad0b0e1
052c9f85a31270fda1d91498bc43786bbf7f4727745df2832543a3e111d75b80
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06afbe95f7fe4c40349749b304ff11518d63881145b4c57eca68cb44b562de79
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0733a93cc1a710f3da6ae1a8608ae13a6b3cdd375ae1ee495d8cdc68884995c7
099cfbb5c88c3d6d619a522cf8163fff1f927b1e610c7cbcccf7a1a3adba1905
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d232bf370ad37e90f5c08dc82e1f1ec0c50f604a5cfd9235608178a350c69de
0dfb677bfef2f3b6b9bd5c029f9895a4a0f68a380f7d2412b38802fa8a01a522
0ed9f50ebd146a91e79142b120d8cff70ac1ebae98533cadc434b164dbb24684
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0ffa54315d2b04ea0d18c835aadaa9bdc8721782c4e62c6c33ab3221745612e8
11b2a9f4f6c6d82d7ae0cac2a5204c93e85f8d2573a13bf8173075f57405ab44
132fa7d064d1993dd8c6e04569b3cafd75facc71cab6ee8ab866fd5d3fce9127
13758fdece627c8f82163b617a1048e72c6393c7a34754f33342cb30cd4888f6
1627605b7f342fd2db444aa3a64e98e47ddfebf2e21e3d42ede13853029e5491
19793f437b7f46c152b6a93410a36862b31ee37fb227ac1f3c550df7b0b78aef
1997452496d7eea9fc1ca0c935788f469dfb4a99d494b17af0f0d88792ec3a27
1a1fb6db1c9f1590294cb8190cfa160f888dc1bbf486d0b1c34640606d190b0c
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1b8a1e0af4fa9dc8e308f3a9be19421aea123736b829d7427893bfd93f4dd8e4
1d53d874ff0037788b1b33b17b9886a3d9e78af4c885560a5271b3d7b9abf177
1e8a423450fb3946e93b6dbd2e3c57989f321975c94183e1951e7d746de78465
1f388e527f3c8a1030ab89bfdba9df23abd1b93f7070089d22968db8fdf8c6b8
2007ae6d477f93f9e68194fcd9290851eadc66952a2f1f4502418dbf85586f8c
24605a615fda7af9470b768813803fa1c321e30ed8d69fc96b0ae2aa11e0484d
24f01a0e8e5c01058e2bbc279fcd2b3fd359e4f32a25da65f0f264f83f639fbc
25644b5ce98e0f80a270264717298e512470e4355f8ca099d1e0754e4a51d169
25c63e8a39aa7cb92376296daea574876c8eb7c48755d2759d69376482e56c8a
2606bb5c3dc19714fe9aae7aab1b6cf10452c4e5eedd30d6a5a8b75892f733af
2618ddd431518fca8ae077fe954bf6e98aa4e3e1e9dc59efa360fb57a4697b01
26cdf415d828499005a5db9764380141283134a280ef3a78a65d3c2f6ac16807
27257680e58829bb8a0efc80c3d078a9896f472dbea21df5b599f6bac085eeb7
27af37e8eb64d3543696753181b83f0867cf2f9ddc3f51a7c4b3c03237c36dfb
2ecd64bf37603bb64f51992b53fb4291f31fff619c7e16021ab2e5a89b174e9b
2f6098ed38a8b32237d8136b5c58a475c9a8c3fe76913f1c32fe8f466106e419
2fe09af5cea02994b7a6ced4a78a7a171580e960222ec42ab84f12ad4e52d710
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324cb371edc9405f2a2c55d89248ada90510a42bf3d1b24abe575614b0bc7ac5
3281124c975cc6ac17bda547deb94cc58e7a520f06745bd4e9d7c8c7fd5576e2
331960c478cb980624cdd4781e1cd57d8b4d1590034153d0c9b223a5299ed8b0
34e76594fcd8cad9f9ecb3e024cef6b2c29aae9af3c9184bf6a0c786e54e1713
35e29252dafb90e3154c19f560ddc1727f0f85b518cf864138e140fb42a155b1
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3ab504252bd43e2d4e7e46f8803b78730844a06811d8310ccf5c4a1f6a632bc2
3b5fe159716b488574c118fa03368bdfec6051190df3de6bb454fb457baf38fc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e5ca69053fafd83e941d5e32ea0c6b326ac6ea0106dc223ed01c03a561a469
415e9c01447088181ce86f7c294179c92cf8abba5a26723f7aec64e7f9a1b439
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45d87635b90a2f1451cc137f84467b55f4e16fecccd0789ac14021e80f625a82
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1aee9e3d46dfe7acd78b5a549cda6060dcd511d78964eb27bd61b6aa6e2543
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec55cf8e82a0128ed039b4ec981c7e962dac55cd41e1728d844d406fcb7bb38
4ed815035bc0200ca756112779c6a550e6d01333b84e25d7c517fc21479ab2fa
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fab6095d8a191a1a72d0ea006c236c32aa8bf38350e49d4d2b2f521e3597ba4
5208049b95006ae7341b880ce9c336675b0e6c6f8f819b12b6713a26f290abab
53ed6bfc84a715fae3d5f6b0f8f8b4745d014e62e073dc650311ba66733a3529
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54bec5c7338f72786777e2f819ded550993870ca982f719c1737baa10a5bb1fe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566c4e04c98a4dda7a170a1212ea1bed5efa8b778181f0733798fcf12b62380c
583e6c2c6f4cd67501a50f0a12c50a90d868fd44ec5bed94c7ef6d99fd0d3cde
594cbc046eaf6d1d29db0cc3643a459ac77b6a2b8bb424519b9b6bfe0587b25d
5a649d454517d4df892198f2a476c2e012b056ad4cb5c64135a755c19e240909
5ad86a767ba6d81e8e7c3939394623daabee6ea5416eae8cee9590ead2953626
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b9fd0ac1a8e557b0d6a4bbc6503a288db334fac333d29012c5e3d55302a0b65
5beea097104dc4c1b27c46946b322b05023b042bc0c89e3016c9dd12232af7b5
5ce88b0880adb4e5fff34fe4b3708c8b82991f343f95ce34c483666a8d11f076
5cf34af461fc092e689872d8478010c5cf0c6cf74ada86888ac6298e69863191
5d4297f01b263a00e5bc7810ffc0db0b0258e22628084be636c5c6282bf8eb02
5e8683f4e4185008ddc87fc82f4c7a74a8b7b334e8d5d16e61e74fc6c94fd476
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6102575cd8e8cbd2045f9724a09f80f682ec8e8427fc87ddb0e636816a577628
61b9f5b9742919378d508f715482b14a3f224e2e57f171685cd39399df95a4a6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621f9bde5de53516c1b477bc98f0f66596562045673ade3a1544760f0ada0ef8
6222e776c65a28ac9a76ae249b606d68f8ebd9208770096d6a96424940779b56
629d62adfad8d2674fb6b83a8ba85e3d76dd9f0e63a7a51b5753d0ea223af396
635127efc3432b97b13e89fdc3d86de186bb7ca7e3d71da1ee17d33af68ad62e
63c09fdceddb600e6fbc240eafc1270be6e1735ec87086af1a643b4f6d4adcb4
646602d51b516d8e5462483f63a38e99d9960d569f04e1b67ed84a0cb748188a
64e1f9a13eb2d40d8090065b054877ebb0261312ad9410b4d02cbfdf5e1ee175
6679dacee12b82125421209763f795ddf21d8acbf5cb9094e01e3efa0c821d8d
68daf5bd9470eba988e289b6d1124d8ba50acb46d6e3b8810bf404fbec0f1afb
68f673bc235adaf2ec82cb034c15c0cf4cddb7bd5427c9ba9a1724a6ae9cb9dc
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a8853431096e07712f289b84fe13b98ed2bba0b31f6b1a925f99b7dc66a0db7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e581fee1c8a40386d3a13e85778db6642224d309a2d874ddfe163b066d13ee2
6e9a84878126cc4ab35940902c40584d48c819b3e097cdf8add764600bc07fa3
6f1c61b6de3184d65406f0c14cdc677634057a33f6f63c73db1a90de10452fcd
6fa599a5cb872729a9d1a6adc3dbad43ef54806e6ea4881ba799b300174fb956
6ffea0183b834d347c79b3412d50d324905390597ef446f2ffe5a8bee4771771
702fe0aa745cb73668e86594a701e271e79f4a9bfafb472915ba400751df76b2
7179d659049d922bc40c68542957a93bc3f87a4c5405f9e0f55a5b30ae12071f
718b64a56a1347a3e26ad729b15c32130635ced9c6363c71fb82ede6c5469a25
72fa64c36ef0a408d1dec7be4cbba69a47d1ea84c0f0f1183f68147f2c9aaaf7
73e48e53d689e0c0d37caf36eb739e95b47eba3e35779eff298bf8e008b4f4ca
740234740a7d05578201539bf27c43734d8d7923a93c3322b7bdaaf9fce6f2bf
7476ed66b92beb7ba971c5f81a2b5ddd8941b2251acbf69926fe3e21c9765791
750c2ae6c0bf1ddc92ecbaffc384e130eaaf2d9644afb1ea23e591e435fd124a
7667c6afa0557de2c13835cfed91554cfa9e4b54c4ba1fcd1319ef185996e434
76ca2dc0dbb8c6e53c1cc799427fec7581c7d3a0276d19782da2ce12196482ba
7905e13c18e491cc9b48acde1cf12995b5c22fe26f5e7528a0d54c9960c91bc4
79da237116c29209e76b80ebaeb4c688abd1f9b513e2f1a68c06fa06419c42e4
7a1d708a763a13c02895ace61129b114acc93f5602c36557f9b41b1129200212
7aa16eac704fce3c8f9b201760894130868594faad7d789424685679335dced7
7ae1e02a3f8189e21f649e730c48b30909bc0717e01dfab58685b0d3b816bc88
7c223edc3992be2228ac26b845ad904ea5c3dcce8dde45e7c4039d43e31dffe2
7ecc43c58663f0215c7ed6419a0229898134712d2c6abcccc7f7155e897bcd30
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8194abbf5e7474a91716c57fa1249c78ca5c7abf9563c2a5ed476ba1b6465dba
825bf822d401d31d40ba24b8691fa28e26917ad6c8b17c0835de8d4a334a628f
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
836b82e5763aefa91a59e10a6463cb73d8c5b451c43a7f4afcbfe88855b93c0a
83e7e1b9a3e40e3e23facc9dc63bd6fe9dfdbd8bc65ce528c7de32492e20f121
8544ab9e3c909a407543379380a7730f4f0d48df828d07cf6757f72f61670370
86648e3d719ec4241881ad3288ea66ded0941e14d3c3c6f0cb3b33f80186c888
86d4d67d380d6ebb2d819aacd90477c2fc6d43aa1a26482b78d1c9bcf2158545
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87b746d43f5e28bbb73946f9289d74f6fa5c98b07e1688ae6c38993352084e82
88c238eb527c695f90f0a3033141eb25fa47361335c4c33fb71aefb668e4a947
8cc7d1207cd33d644f43a10d993bbb70dfc285314dc39680ca0fed652abf5630
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
8efe12be22edf21c5bc20df9f3a7d3ac035efd730aeeafcbc8f2ef927bb8ee00
90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f
9114affd6fd3a142b6305f368e4fe63b8bc7fc980f421e6b1916523588c0e26c
91e96c9a4a33660bc34f7720d20255c237192f1d299e873cd17619e15001a98b
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
93cc8dfe71bbdc66e2e4a3c017e7b33ed3e3ee7457db1e41f1f80f9471e93cb8
94a369f9f46bd3be9bf56a4f1a983221c24e3e782167fe064c70fe8d87a030b3
98902d7ab19b23572a22a8c8d6bc11621959c5aae6b531af933cc6f437c8a01f
9979221eec47d0b70c673f5275778141179378f9dc54c317b74d4a32a042638d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f10729c15cf2cd689721db494021f8535a772dfc7916d189cee89abddc31ee
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde
9aa765089a12e213fc757d0bb21f3f20ff0541db6900aa7f585a9e5442a7c381
9ddfcef0d0f263f0224c19423604a3389cd807e51b3179ccf306001f2627a0b2
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a086129b23a47d77d675cfe90d865fbd722424b7ef546fadbbc21f62924f465a
a0c2a3eadd94cb5e0e82c37568b2587f5fadcd1e0c161ef8769a38eea4787d0e
a2e9089d4560e7ece4ae0bb6c6dfcc5a760aa50729da005b1eabcf2ed67f3cce
a35530c7e2de672d715cd9eabf8630068f8edca6db4754d4e806990b910dd64c
a49397e0fa8a773e383a4eb11dce7c71ba3a6e537a257c465fda3dbba4273a9e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63506fb420990f57b718352691d603bd8c4574bd1182dd2f274fe276b83493d
a6baaf2ed0cf38621a11accc672354b46749f170d2f86ec68a7755f5e4a541bc
a744d98d4cf90a8f6a6c30d9a18fe487b988ebe20a63c604beccecb96e59bb05
a7dd9ba96a2574057d279cfde1cad0214bd7f951ab6ad9809ed7524b0be5238d
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ac0b1c6b0149f9c0a7aa1ffed5cbfa820b55fc53877602a63eb194f0a05ed876
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aebc9e41a275f16f51c1539be841bcd8ce2d4a3da1206c84220fdb02e5623541
b13ee23847c33658eede97d4b3cde752af5f976251b3c7e63ae68d18652b0505
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24935b56b62e594113332bf1438a3df3641e006ffd02454d3faeb0f98b8f8b0
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b48c93e9d4d70a823da50bb4374a41fa4dcb503f7b25f001f87d1618186d8fc8
b64ec02c3d13558e9f2a4cb7815997cf1ebc3a7cd5c09010ae49ad333f4ec83f
b6630a5fc4a7966c6db002b3f419b3a80d8d1002c794f27b03a1b9b092c1c880
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8c1c5aa9ce463b8db81ee99af430c2445f7333a6a3e4d48c5609d864cae41b
bc6c4ce419560989deb88ec1d96d318d24ae50f301f1836ad5e9cf348e65910e
bca908071ba629f3bccb9c09c55e524561113fe41be5be8a274c489e4bcd6285
bccdb3a5c7cee62fcf847cf429062e56d43d87bb9ff51b47ac356814a98b1891
bd80356efd749b6f368d6d4d51b80576dda7ef0affe8f1d325929e301ae57d7b
be18976d038b1e00f25afeecabf058c70ea559738f950d2cf11b390bc583cac2
be5aeaceef0ff6cadd7bbd776cbadc5f308b40fbcf4d94539f75b9d7ffea7842
bf3a35c2458d2465a9335a47473a03eac834a3174cec379847d0ec80b3146cc0
c05a21c8dcf050e0e94eebd5d61ec89f42d6f18963f8c5f5e88a85c446c49be0
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c453051f5681e2252a535518950ed9ee47a6bc42b0419bbbeda51f4fbf8b0f00
c4e32c5372861f11185b57c491aacac964b320c83a7c3831cb2c638daa8ab81f
c623a5624d528c050d94068cf2ff88a1fbf6c02afad76eaab848f2027441b97c
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df
c7d8253f6f58346b39bd0d7cc84577d7d161e0d399958d7d8330c21503c8f659
c7f832fcc05ffce1d756792e4890a569170ca02a9a67d1d6c3cb4381ce4a48a0
ca936bede032e6142754d7011cbcb69c61a773d8ed6808b69e48e8966eaf08dd
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d
cd32ac808b323ce6c8560cba52ebba764864c69205de549821a41e1c21cbe51d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d155e5830e7e9913048d1612a000a7912e9498fd735faa5f0dd8e4fe39268506
d183dfc33d76d9c16a322cd4f10acb538c4c82859c0ba9aa072497283cd46771
d25e9a5d3ea0ed39f13fd80e5cd68879bdd36f5d291a7679f43e4318d2341721
d39d3a01366249aca6ac4d2fe983cb75740baf639b367ca1e34e998bc9e3942f
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
d510f69a0ebf254a395d4e331d242ac398497babb08413db0a2f8d1b95cceef2
d544031079132960f7b2f8f3f039672fa4e3eb7e7df1947689fe5b08829f6ec2
d5a28404ee25c535f69828bb4e2e7454ed96d579e0cb85ed7429b631f0ac69b6
d5eacfbef6e883869dcd7bed5e4891901909e463e88fca88ce67e9c90018666f
d698ead8474efc4ae550bb6f6cfb3c92825271d161071995b4824d14a8873d81
d6a218c62d93bca75cc9bfc9c27554e7d0abb82aa40f685ed386b392ab483f1a
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
da53c29d865773a7d8c593a900c28867aecc14ed65788ed544867b2442a4dc08
daff819f035e671416029f0710b25ccf7cbf5b82361ebaa9a6eed34e1fe14b6e
dc63c0251c229d9875924c94e7f83b32ee77aa2551b485c9e4898475cc1f743d
df59d32b011719d3717d95781f58fd07f14f01770f4ba8d05589148dd37da66a
df5fbf95da767cd69bf67c2b02a53061e20b6c28589f61431769ae684a3ff9ff
e0a6cf58dd80c6f6c2cbac9c0cbe4055b6ed672a8dffe0c31ffbc05eff95a2fd
e37c031766281241c1659b1de4a3f03063e9f18813da28020ce4cb366662c332
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f90957b0f1469fdcbc1d1f1233abfd7923b2779a0ccf018d1c9e5d0d24e2c1
e4d76bd55629f3de04f3754cec7b90e4301d2d7718b16016dfff28c5c850e591
e566dd499b8194e3e62ae8d1ee04cea7be0fb5d1cfb09c30ed22e9fde1a728b6
e6ba55ab927f6d4a909ab2b23117028fb5215e47875b1d06a25e957ca313a1f9
e85eb299ab524fe79fa27ae644cf8e50c840719e968c77ff35b9b22d7c4ae7dc
e90ac55ec00d8912f79ccad5b0441f1bb4a87162b9b5b149098c8250e62071be
e9a7941d6c42e6714514a93d70898ad8bce77e94b0ca8e4e4660a7f632da15bb
ea3a1376f6a49d6eeb315545bad4d52ff7cb3b46135879d221e48f2eb54fd257
eb1d5fc3b8af87301d2ba5085dd4d700adaa30e8d32f5e5026d0150d773e2426
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed3ac098b3062d8146bb87e4d9926d4e1ff9cb6266da66b9878f55eeebd558db
ed3f733ee5f1ba624aa0c053a88a0b56a3c2933b40a7ae35dfe2febe545a1d33
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef0cfe86bb48e434fae6ea677fca71bb60d6d7f50a8746d7ae0982d7ba9f2114
ef0e3544088abb1a74d7fa41110081eae53d5cabb0f57d5cc8b9184aa8e24e20
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
f098f180db08d59ee2029f821403108c082447af23564ebf07aeec1d2ed4c59a
f3e0ac5e86b8e6aece7d2809b39e01f320f87319271f9d4405fefc6bfc7751ed
f648e51a4e7c84e4bccec40b87eade9ff8fdd6e4e9975263ea5dfde9c19b1b52
f824ef0ce7a02baeb3e27e2eea5e3940d6616cb477db67e4514f6cc66d01d656
f9f85a44a1f63d0eba65f1f0030e46b0324b9909227093716782590c24d9ca54
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fdc4047ec4e20637064789f6849ccd09e2ce1c27bbf63ae07e3cfd5f936467c8
fdd496ace92a8ca730e931577955f0767e769e7f56b5027dda30e7448552381e
fdde6efffb59a03e908934a7b20bc633cf96fcba65e7311a07cfb0407167aed7